The dev FAQ perpetuates a common misconception about "broken" MD5 and SHA1.
MD5 and SHA1 are bad for password hashing indeed, but that's because they're fast, not because they have known collisions.
Collision attack has nothing to do with password security. For passwords the relevant attack is the preimage attack, which is a different thing and there are no feasible preimage attacks against these hashes (yet, of course).
MD5 and SHA1 are bad for password hashing indeed, but that's because they're fast, not because they have known collisions.
Collision attack has nothing to do with password security. For passwords the relevant attack is the preimage attack, which is a different thing and there are no feasible preimage attacks against these hashes (yet, of course).