15 years on The Web
miniBB ® miniBB®
miniBB Support Forums
 | Forums | Register | Reply | Search | Statistics | Manual |
Master Class miniBB Support Forums / Master Class /   

Is MD5 not safe?

Author Anonymous
#1 | Posted: 30 Jul 2007 23:06 
When browsing MySQL forums, I came across posts that mention that md5 is considered broken as it has been cracked and sha1 should be used for password encryption. I believe MiniBB uses MD5. Can anyone tell me whether MD5 is less secure than Sha1? Will MiniBB change to sha1 in future versions?

Author Paul
Lead Developer
#2 | Posted: 31 Jul 2007 04:07 | Edited by: Paul 
I suppose you could modify bb_cookie.php file (function writeUserPwd() ) so it encodes using sha1 not md5... the length of user_password field in database should be made bigger to 40 symbols too.

But in general, all myths about md5 cracked IMHO could exist only in theory. Yes, if you're using simple passwords which consist of 2-4 letters they could be easily decoded even with brute force attack. However if your password contains more than 10 symbols, digits and some special sign, you could spend years of life decoding it.

So we have no plans changing this algorithm since forums are not the credit card system and everything you need to specify setting your password is a difficult phrase, that's all... like for any other regular system.

Author Anonymous
#3 | Posted: 31 Jul 2007 06:11 
Paul, what you say makes sense and I agree to it. Thanks.

Master Class miniBB Support Forums / Master Class / Is MD5 not safe? Top

Your Reply Click this icon to move up to the quoted message

 Short link for this topic:

You are welcome to post anonymously, by entering a nickname with no password (if the similar Username has not been taken yet), or by leaving both fields empty. If you have a forums account, you can also sign in from this page without posting a message, or sign in and post at once.

Before posting, make sure your message is compliant with our forum posting rules. If not, it may be locked or deleted with no explanation.
miniBB Support Forums Powered by Forum Software miniBB ® Features  Requirements  Demo  Download  Showcase  Gallery of Arts
Compiler  Premium Extensions  Premium Support  License  Contacts
Try the Captcha add-on: protect your miniBB-forums from the automated spam and flood.
Captcha Addon for miniBB