What is md5() for?

Question

I was reading this tutorial for a simple PHP login system.

In the end it recommends that you should encrypt your password using md5().

Though I know this is a be

Answer 1

I like this question. But I think you've really answered yourself.

The site you referenced uses dictionary lookups of known, unsalted, md5's - it doesn't "crack" anything.

Your example is almost good, except your application needs to be able to regenerate the md5 using the same salt every time.

Your example appears to use one of the random salts, which will fail 2 of 3 times if you try to compare a users password hash to something input.

People will tell you to also use SHA1 or SHA256 to be have a 'stronger' hash - but people will also argue that they're all 'broken.'