--001485f6c57c1c1f7004800b0fd0 Content-Type: text/plain; charset=ISO-8859-1 In the DFLY Handbook, it states that DragonFly uses MD5 for creating password entries/hashes (/etc/passwd). I would like to point out that MD5 is old and considered broken. Therefore, I suggest upgrading DragonFly to use either SHA-1, or SHA-2. Out of the two options I would recommend SHA-2, since problems have been identified in SHA-1. It does say in Wikipedia, that Unix/Linux vendors are migrating to use SHA-2 for password hashes (256-bit and 512-bit). PS It says in Wikipedia that MD5 "should be considered cryptographically broken and unsuitable for further use", and that US government applications are required to move to SHA-2 by 2010. -- Sincerely, Robin Carey --001485f6c57c1c1f7004800b0fd0 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable <div>In the DFLY Handbook, it states that DragonFly uses MD5 for creating p= assword entries/hashes (/etc/passwd).</div> <div>=A0</div> <div>I would like to point out that MD5 is old and considered broken.</div> <div>=A0</div> <div>Therefore, I suggest upgrading DragonFly to use either SHA-1, or SHA-2= .. Out of the two options I would recommend SHA-2, since problems have been = identified in SHA-1.</div> <div>=A0</div> <div>It does say in Wikipedia, that Unix/Linux vendors are migrating to use= SHA-2 for password hashes (256-bit and 512-bit).</div> <div>=A0</div> <div>PS It says in Wikipedia that MD5 &quot;should be considered cryptograp= hically broken and unsuitable for further use&quot;, and that US government= applications are required to move to SHA-2 by 2010.<br clear=3D"all"><br> -- <br>Sincerely,<br>Robin Carey<br></div> --001485f6c57c1c1f7004800b0fd0--