DragonFly BSD
DragonFly bugs List (threaded) for 2010-02
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: MD5 password hash


From: Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx>
Date: Sat, 20 Feb 2010 17:01:27 -0800 (PST)

:In the DFLY Handbook, it states that DragonFly uses MD5 for creating
:password entries/hashes (/etc/passwd).
:
:I would like to point out that MD5 is old and considered broken.
:
:Therefore, I suggest upgrading DragonFly to use either SHA-1, or SHA-2. Out
:of the two options I would recommend SHA-2, since problems have been
:identified in SHA-1.
:
:It does say in Wikipedia, that Unix/Linux vendors are migrating to use SHA-2
:for password hashes (256-bit and 512-bit).
:
:PS It says in Wikipedia that MD5 "should be considered cryptographically
:broken and unsuitable for further use", and that US government applications
:are required to move to SHA-2 by 2010.
:
:-- 
:Sincerely,
:Robin Carey
    
    Well... if someone wants to add another encryption method that's fine
    w/me.  Nobody should be using plaintext passwords for remote access
    anyway since most attacks don't even bother trying to decrypt any more,
    they just run against a dictionary.

						-Matt




[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]