[wp-hackers] Wordpress Event Viewer Plugin

Robert Deaton false.hopes at gmail.com
Tue Apr 3 21:20:38 GMT 2007


On 4/3/07, Computer Guru <computerguru at neosmart.net> wrote:
> Yes they do....
>
> MD5 *is* technically an encryption scheme. And yes, with the help of rainbow tables, it can be decrypted - but it is never stored in plain text anywhere in a vanilla copy.

No, its not an encryption scheme. Its a digest algorithm. A one way
hash. And no, it can't be decrypted, ever. You can do a reverse lookup
(rainbow tables) or generate a collision.

Encryption by definition allows one to reverse the process knowing a
certain secret (the function to reverse the process). MD5 has no such
capability. In fact, run MD5 over a terabyte of data and it'll end up
with the same length checksum as if you checksum the letter "a".

>
> Instead, the user password when logging in is encrypted and the two MD5 hashes are compared.
>
> I agree, it's not *that* secure, but it's good enough - like Brian was saying, how far do you want to go?

... *smack himself on the hand*. Be nice. Be nice... but its so hard.

-- 
--Robert Deaton
http://lushlab.com


More information about the wp-hackers mailing list