Wednesday, March 7, 2012

Is it better to use blowfish or md5 to encrypt your linux password?

What is the best way to encrypt your linux passwork?Is it better to use blowfish or md5 to encrypt your linux password?
MD5 and Blowfish are two very different things. Blowfish is an encryption function while MD5 is a hash function.



A hash function will transform your password in a digest which is a one way transformation. You can use MD5 to verify that a password is the right one but, as it's not technically encryption, you can't retrieve the password from the hash.



So, depending what you want to do, you will choose one or the other:

- MD5 if you want to do password authentication

- Blowfish if you want to store your password securely to retrieve it laterIs it better to use blowfish or md5 to encrypt your linux password?
Either. If you look at the BSDs, OpenBSD (who pride themselves on security) use blowfish (created by Bruce Schneier). FreeBSD uses MD5.



Both work well but I'd go with BlowFish since I mostly use OpenBSD.

No comments:

Post a Comment