MD5 Passwords 'no longer safe'




The original author of the MD5 password hash algorithm has publicly declared his software end-of-life and is “no longer considered safe” to use on commercial websites.

This comes only a day after a data breach led to 6.46 million LinkedIn hashed passwords leaking to the Web. Since the data breach, thousands of passwords, including many that could be considered strong, have been decrypted, either through brute force or through lookups.

The primary cause is LinkedIn’s failure to properly ’salt’ the hashed passwords using SHA-1 algorithm. MD5 is a password hashing algorithm similar to that of SHA-1. LinkedIn’s Vicente Silveira said on Wednesday the company has increased its security “which includes hashing and salting of our current password databases.” Although the post says this change was made “recently,” it does not indicate whether the change was applied last month, this week, or yesterday.


Do you have questions, comments, or suggestions? Feel free to post a comment! 


Subscribe to Saint Andrew's Paradise
Like this post?
Subscribe to "Saint Andrew's Paradise" and get all new tricks, tools and regular updates to your inbox!

    




Share your views...

1 Respones to "MD5 Passwords 'no longer safe'"

Unknown said...
June 10, 2012 at 10:56 PM

Nothing online is really safe. If you put your identity online, just be sure that you will take responsibility for it. Hacking is art.







By: www.rickyzurvassocialmedia.com.au

Post a Comment

 

About Me

Saint Andrew is a computer science student. Saint Andrew is a founder of the blog Saint Andrew's Hacking Paradise.

His mission and the aim of this blog is to make the reader aware of the existing threats and describe them in comprehensible way.

"Saint Andrew's Hacking Paradise" is a place to Learn, Understand and Explore the facts of computer technology.

You are always welcome to contact us to suggest ideas, tips, or to ask questions.

© 2011 Saint Andrew's Hacking Paradise

This blog run on iThesis Theme & hosted by Blogger