in reply to Re^3: how to crypt and decrypt password from 4 to 15 characters in length
in thread how to crypt and decrypt password from 4 to 15 characters in length

True, which is why I said there is no need to migrate existing applications at this point. However, the existence of collision attacks makes it more likely that preimage attacks (which would allow to generate an input that will produce a given existing hash) will be found. More secure algorithms exist and are not prohibitively computationally expensive, no reason not to use them.


There are ten types of people: those that understand binary and those that don't.
  • Comment on Re^4: how to crypt and decrypt password from 4 to 15 characters in length
  • Download Code

In Section Seekers of Perl Wisdom