htpasswd creation in Livecode

Robert Sneidar slylabs13 at me.com
Fri Jan 18 13:52:07 EST 2013


One could go so far as to say that in regards to security, MD5 is no encryption at all. You can find pretty easily MD5 decryption software with no trouble. Search for Windows XP Password Crack in google and you will see what I mean. 

A friend of mine who is very good at this helped me once by plugging a USB key he prepared into a Windows Server 2000 box which I inherited, but did not have the administrator password to, and needed to get in and examine it in it's present state, why I won't go into now. He took the USB key (without ever having logged in) back to his desk, and in a half hour came back with ALL the users and their respective passwords printed out. 

That is the state of MD5 encryption these days. Back then Microsoft said this could not be done. Microsoft has said a lot of things like that. That is why MS is using AES encryption like everyone else these days. 

Bob


On Jan 18, 2013, at 9:45 AM, Peter M. Brigham wrote:

> FWIW, the md5Digest is not as secure as the sha1digest, which LC now supports.





More information about the Use-livecode mailing list