5

Wouldn't PBKDF2 using be secure enough for passwords?

Submitted by twovests in just_post

From what I understand, collisions under MD5 are very easy, but preimages are hard. On its own, MD5 is fast enough to brute force any password, even with a salt. But using MD5 as the algorithm to PBKDF2 (with an appropriate salt and iteration count) should take a long time, right?

This is a theoretical question, I'd never actually do this, but am I getting anything wrong here? This would still be Very Secure, right?

Comments

You must log in or register to comment.