The md5crypt() Author Says The Algorithm Is No Longer Secure

June 8, 2012 By The Vigilant Application Owner

Inquirer – (International) The md5crypt() author says the algorithm is no longer secure. The author of md5crypt(), which is used to encrypt passwords on some FreeBSD and Linux-based operating systems, said it is no longer secure despite being recommended as a password hashing function. He implemented a researcher’s MD5 one-way hashing algorithm in his md5crypt() function that has been in use on FreeBSD and Linux-based operating systems for many years. Now, the author was forced to say md5crypt() is no longer secure after he claimed people were still recommending it for production use.