Wouldn't PBKDF2 using be secure enough for passwords?

Submitted by 1vs in just_post

From what I understand, collisions under MD5 are very easy, but preimages are hard. On its own, MD5 is fast enough to brute force any password, even with a salt. But using MD5 as the algorithm to PBKDF2 (with an appropriate salt and iteration count) should take a long time, right?

This is a theoretical question, I'd never actually do this, but am I getting anything wrong here? This would still be Very Secure, right?


You must log in or register to comment.