MD5 password encryption.

Tell me, if you take the md5 hash from the sum of the md5 hashes of each character of the word, will it take a long time to calculate? The length of the word is no more than 16 characters.


Answer 1, authority 100%

Well, check it out. Make an array with words, let’s say 10 pieces. Write an encryption function, put its execution in a loop, at least 10 thousand times and measure it with a timer, then it is not difficult to calculate the arithmetic mean. And hardly anyone will say that, because it depends more on the load of the server.


Answer 2, authority 100%

I don’t know how it is in PHP, but in my C encryption program, the difference between encryption with calculating a new MD5 for every 16 input characters with a simple overlay of once calculated MD5 (from the key) was about an order of magnitude. A simple variant on about 100MB file is about 5MB/sec.

If you have the task of registering users online, then I think no matter how complex calculations you perform, it will not be noticeable to the eye.


Answer 3, authority 50%

The count will be fast. Therefore, MD5 (but not only) and notare recommended for password hashing.

The hash function is used here to make it difficult, knowing the hash, to find out the password. Even for an ideal hash function, the faster it is, the easier it is to brute force passwords. Legitimate password checks take a small fraction of the time. Accordingly, the one-way function used must be slow. Not so slow, of course, that password verification “slows down”, but so much that brute-force search is an unpleasant undertaking, and on typically available hardware it is unpromising.

See http://codahale.com/how-to-safely-store-a-password/


Answer 4

Create a file on your website: md5.php

<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title></title>
    </head>
    <body>
    <?php
      if (!empty($_POST['text'])) {
          $text = md5 /* md5(md5  sha     )) */ ($_POST['text']);
          echo "$text";
      } else {
          echo "<form action="md5.php" method="post">n <input name="text" maxlengh="140"/>n<input type="submit"/></form>";
      }
    ?>
    </body>
</html>

and test on it!

ps a simple hash (what is written above without /**/), you can try it out on my site.


Answer 5

Use salt: md5($pass.'salt'), salt is any word known only to you.