Re: A Letter to the Authors of Web Authentication Libraries

2009-05-04 Thread Ben Bangert
On May 4, 2009, at 4:48 PM, Mike Lewis wrote:

> Having passwords encrypted in MD5 sent in plaintext is probably almost worse than just sending them in plaintext.

I was about to say something similar, until I read more about Paul's scheme. :) Paul is using a hand-shake method whereby the pass

Re: A Letter to the Authors of Web Authentication Libraries

2009-05-04 Thread Mike Lewis
Hi Paul,

Having passwords encrypted in MD5 sent in plaintext is probably almost worse than just sending them in plaintext. MD5 has been considered insecure for quite a while now. It's very easy to crack. [1] The reason I suggest it's worse is because it gives a false sense of security. Also, th