The md5crypt() Author Says The Algorithm Is No Longer Secure

June 08, 2012 By Ali Loney

1 minute read time

Inquirer – (International) The md5crypt() author says the algorithm is no longer secure. The author of md5crypt(), which is used to encrypt passwords on some FreeBSD and Linux-based operating systems, said it is no longer secure despite being recommended as a password hashing function. He implemented a researcher’s MD5 one-way hashing algorithm in his md5crypt() function that has been in use on FreeBSD and Linux-based operating systems for many years. Now, the author was forced to say md5crypt() is no longer secure after he claimed people were still recommending it for production use.

Source: http://www.theinquirer.net/inquirer/news/2183126/md5crypt-author-algorithm-secure

Tags: News, AppSec Spotlight

Written by Ali Loney

Ali Loney is a Senior UX Designer at Walmart Labs. She is based in Canada and was the former Graphic Designer at Sonatype.