Hacker News new | past | comments | ask | show | jobs | submit login

The primary problem with using either as a password hash is their speed.



I agree, but my point is that the "use bcrypt" drum has only been beating for a couple years to my knowledge: http://codahale.com/how-to-safely-store-a-password/

Wind the clock back 3-5 years and it's still stupid to use MD5. I could kind of understand some old code laying around that was less secure.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: