edonyzpc / toolkitem

personal toolkits for daily code
MIT License
2 stars 1 forks source link

MD5 will generate identical outputs for the different input parameters #1

Closed edonyzpc closed 8 years ago

edonyzpc commented 8 years ago

_MD5 encryption might got problem_

Recently, several exploits were developed which proved that MD5 will generate identical outputs for the different input parameters. As a consequence, somebody can break your encryption or log on to your website. For example: someone might be able to log on to your service with two different passwords, if their MD5 hashes are identical.

TODO(edony): fix the hashlib.md5 method for password encrypytion and replace it with hashlib.sha512 method.

P.S. Check usage of exploitable MD5 hashes

edonyzpc commented 8 years ago

_Safety problem from MD5 encryption has been solved by SHA512 encryption._