News and Notes from the Makers of Nexus | Sonatype Blog

The md5crypt() Author Says The Algorithm Is No Longer Secure

Written by Ali Loney | June 08, 2012

Inquirer – (International) The md5crypt() author says the algorithm is no longer secure. The author of md5crypt(), which is used to encrypt passwords on some FreeBSD and Linux-based operating systems, said it is no longer secure despite being recommended as a password hashing function. He implemented a researcher’s MD5 one-way hashing algorithm in his md5crypt() function that has been in use on FreeBSD and Linux-based operating systems for many years. Now, the author was forced to say md5crypt() is no longer secure after he claimed people were still recommending it for production use.

Source: http://www.theinquirer.net/inquirer/news/2183126/md5crypt-author-algorithm-secure