MD5 Encryption

29 May 2007 Security, Programming

MD5 is a popular hash function which is often used to hash passwords in web applications. In most applications, when a user enters their password, it is hashed and compared to the hash stored in the database. If both MD5 hashes match, the user is granted access.

This approach is generally considered to be quite secure for authenticating users. However, it still has its weaknesses.

MD5 hashes are vulnerable to dictionary and brute force attacks using rainbow tables, which store millions of passwords and their hashed values.

This means that if your database is compromised, there's a good chance that your passwords can be recovered by an experienced cracker.
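The weakness described above, shown as an added example (not code from the original article): unsalted MD5 gives every user with the same password the same stored value, so one precomputed table answers for all of them, while a per-user salt with a slow key-derivation function does not. The wordlist, passwords and function names are constructed for illustration, and PBKDF2-HMAC-SHA256 with an illustrative iteration count is a standard mitigation chosen here, not something the article itself specifies.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny wordlist standing in for a precomputed table.
WORDLIST = ["password", "letmein", "canberra2007"]

def md5_hex(password: str) -> str:
    """Unsalted MD5, the storage scheme the article describes."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()

def build_lookup(words):
    """Precompute hash -> password once; reusable against any unsalted MD5 database."""
    return {md5_hex(w): w for w in words}

def pbkdf2_store(password: str, iterations: int = 200_000):
    """Hardened storage (assumed mitigation): random per-user salt plus a slow KDF."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, iterations, digest

def pbkdf2_verify(password: str, record) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt, iterations, expected = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, expected)

def demo():
    table = build_lookup(WORDLIST)
    # Two users with the same password get the same unsalted MD5 value,
    # and that value falls to a single dictionary lookup.
    alice, bob = md5_hex("letmein"), md5_hex("letmein")
    # With per-user salts the stored values differ, so one table cannot cover both.
    rec_a, rec_b = pbkdf2_store("letmein"), pbkdf2_store("letmein")
    return {
        "md5_identical": alice == bob,
        "md5_recovered": table.get(alice),
        "salted_identical": rec_a[2] == rec_b[2],
        "verify_ok": pbkdf2_verify("letmein", rec_a),
        "verify_wrong": pbkdf2_verify("password", rec_a),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```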

Here are a few tips for protecting your passwords...

Also make sure you're using SSL if your web application has any importance. It's extremely easy to intercept passwords using packet sniffers.