md5 encryption security

Anon

How secure do you think MD5 encryption is for password when the users use their email address to login? I've used it for a repeat prescription system for the NHS where user confidentiality is essential...

[deleted]

MD5 is NOT encryption, it is a mathematical formula that is irreversable. It can only be 'hacked' by brute force.

A forum, a FAQ, email notification, what else do you need?

Time to YAPF!: http://www.hvt-automation.nl/yapf/

Anon

Thats great thanks, I'm an amateur!! Do you think its the safest way to store passwords in a MySQL database?

Anon

Well, md5 is secure enough.

Md5 is a one-way hash algorithm, wich means md5 "encrypted" data cannot be decryptet, whatsoever. It's definitly secure enough.

What you need to worry about is the code surrounding md5, passwords required to access the database, and of course the account-passwords (i.e. login e and password e will take very short time to brute-force).