miniBB Support Forums | 16 years on The Web
miniBB ®


 | Begin | Register | Reply | Search | Statistics | File Bank | Manual |
Master Class miniBB Support Forums / Master Class /   

Is MD5 not safe?

Author Anonymous
#1 | Posted: 30 Jul 2007 23:06 
When browsing MySQL forums, I came across posts that mention that md5 is considered broken as it has been cracked and sha1 should be used for password encryption. I believe MiniBB uses MD5. Can anyone tell me whether MD5 is less secure than Sha1? Will MiniBB change to sha1 in future versions?

Author Paul
Lead Developer
#2 | Posted: 31 Jul 2007 04:07 | Edited by: Paul 
I suppose you could modify bb_cookie.php file (function writeUserPwd() ) so it encodes using sha1 not md5... the length of user_password field in database should be made bigger to 40 symbols too.

But in general, all myths about md5 cracked IMHO could exist only in theory. Yes, if you're using simple passwords which consist of 2-4 letters they could be easily decoded even with brute force attack. However if your password contains more than 10 symbols, digits and some special sign, you could spend years of life decoding it.

So we have no plans changing this algorithm since forums are not the credit card system and everything you need to specify setting your password is a difficult phrase, that's all... like for any other regular system.

Author Anonymous
#3 | Posted: 31 Jul 2007 06:11 
Paul, what you say makes sense and I agree to it. Thanks.

Master Class miniBB Support Forums / Master Class /
 Is MD5 not safe?
 Share Topic's Link

Your Reply Click this icon to move up to the quoted message

Post as a Guest, leaving the Password field blank. You could also enter a Guest name, if it's not taken by a member yet. Sign-in and post at once, or just sign-in, bypassing the message's text.

Before posting, make sure your message is compliant with our forum posting rules. If not, it may be locked or deleted with no explanation.


miniBB Support Forums Powered by Forum Software miniBB ® Home  Features  Requirements  Demo  Download  Showcase  Gallery of Arts
Compiler  Premium Extensions  Premium Support  License  Contact Us
Get the Captcha add-on: protect your miniBB-forums from the automated spam and flood.