tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: md5 passwords

On Thu, Jan 15, 2009 at 10:06:43AM +0000, David Holland wrote:
> Given that md5 looks to be pretty shaky by now, should we adjust the
> passwd.conf docs and other such places to deprecate/recommend against
> using md5 passwords?
> If so it would be a good thing to do it before releasing -5...
> -- 
> David A. Holland

I would say that this should be done. Deprecating is good way to handle
this issue, because MD5 is very weak and no-one should use it anymore
for this purpose.

Henri Salo

Home | Main Index | Thread Index | Old Index