Im new at coding so Maybe I've missed the point of what md5 is about. But from what' i've experienced MD5 encryption is "static" for each word. By static i mean you will always find the same result for example md5("hello"). And this makes me think that is is highly reversible using a library.
What if md5("hello") was assigned a number (example 5), and the string for example
xbuIdSjsdsjsd44s64sd was its encryption. and was equal to 5 but what if sfoiefef465f4ze4f6fe was also its encryption. and was also equal to 5
Because both for a mathematical calculation ends to the same result. That would be dynamic encryption?
I think, but I tell you I'm a newb at all this, so those are just questions that bother me, I think that people who have access to the database md5's password, can reverse them easily by testing words and stocking them as a library.
what do you think guys? and is there an alternative to md5?
thank for any help or enlightnment
For storing passwords no fast hash function which include md5 and SHA1/2 (even when salted) is acceptable. You need to use a slow hash, typically in the form of a Key-Derivation-Function to slow down brute-force. PBKDF2 and bcrypt are popular choices. You should also use a random per user salt.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With