On 1/22/07, Edward Z. Yang <edwardzyang(a)thewritingpot.com> wrote:
Well, in spite of these extremely devastating attacks in the collision
area, the keyspace of MD5 is extremely small: 128 bits is small enough
that a birthday attack is extremely feasible.
Birthday attack, maybe, but that's useless for cracking a password.
It's still far too large to brute-force a preimage. Maybe not for too
many years to come . . . I don't disagree with the idea of moving to a
new hash function just to be safe. It seems like a good idea.
(While we're on the topic of hashes, by the way, vBulletin has
JS-enabled browsers hash and salt their passwords before they even
send them. Thus man-in-the-middle attacks are impossible. Seems like
a nifty idea to consider, anyway.)
On 1/22/07, Anthony <wikitech(a)inbox.org> wrote:
The fact that the keyspace of MD5 is only 128 bits does limit the
password strength, but who's using a password more than 13 characters
for their Wikipedia password? Does Mediawiki even allow more than 13
character passwords?
I think the limiting factor in password length in MediaWiki is how
large a POST the server is willing to accept. ;) I once tried a
password on my local install thousands of pages long, just for the
heck of it, and it worked fine.
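The difference between a birthday collision and a preimage discussed in this thread, as an added example that is not part of the original messages. It truncates MD5 to 16 bits (an assumption, so both searches finish quickly); the function names and the sample password are constructed for illustration. For an n-bit digest the collision search costs about 2^(n/2) hashes and the preimage search about 2^n, which for full MD5 is roughly 2^64 versus 2^128.

```python
import hashlib
from itertools import count

BITS = 16  # toy digest size (assumption); real MD5 is 128 bits


def truncated_md5(data: bytes, bits: int = BITS) -> int:
    """Return the top `bits` bits of MD5(data) as an integer."""
    full = int.from_bytes(hashlib.md5(data).digest(), "big")
    return full >> (128 - bits)


def find_collision(bits: int = BITS):
    """Birthday search: ANY two distinct inputs sharing a digest.

    The attacker picks both inputs, so this does not recover a stored
    password. Returns (input_a, input_b, hashes_computed).
    """
    seen = {}
    for i in count():
        msg = b"msg-%d" % i
        digest = truncated_md5(msg, bits)
        if digest in seen:
            return seen[digest], msg, i + 1
        seen[digest] = msg


def find_preimage(target: int, bits: int = BITS):
    """Brute force: an input matching ONE fixed digest, e.g. a stored hash.

    This is the search a password cracker needs.
    Returns (input, hashes_computed).
    """
    for i in count():
        guess = b"guess-%d" % i
        if truncated_md5(guess, bits) == target:
            return guess, i + 1


# Constructed sample: the digest a server would have stored.
STORED = truncated_md5(b"constructed-sample-password")

if __name__ == "__main__":
    a, b, collision_work = find_collision()
    p, preimage_work = find_preimage(STORED)
    print(f"collision {a!r} / {b!r} after {collision_work} hashes")
    print(f"preimage  {p!r} after {preimage_work} hashes")
    print(f"expected order: 2^{BITS // 2} vs 2^{BITS}")
```
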