How to create a hashed MD5 password?

While some systems have not heard of the MD5 vulnerability, they might require you to build up a hashed password.
Here’s the code in C# and VB.net. Once you’ve grabbed the code you need, have a read on the two links below detailing MD5 Hash collisions.

using System.Security.Cryptography;
-------------------
 // step 1, calculate MD5 hash from input
    MD5 md5 = System.Security.Cryptography.MD5.Create();
    byte[] inputBytes = System.Text.Encoding.ASCII.GetBytes(input);
    byte[] hash = md5.ComputeHash(inputBytes);
// step 2, convert byte array to hex string
    StringBuilder sb = new StringBuilder();

    for (int i = 0; i < hash.Length; i++)
    {
      sb.Append(hash[i].ToString(“X2”));
    }
    return sb.ToString();

In VB.NET

Private Function GetMd5Password(ByVal psStr AsString) As String 
Dim md5Hasher As New MD5CryptoServiceProvider()
Dim sBuilder As New StringBuilder()
Dim nX As Integer' Convert the input string to a byte array and compute the hash.
Dim byData As Byte() = md5Hasher.ComputeHash(ASCIIEncoding.Default.GetBytes(psStr))

' Create a new Stringbuilder to collect the bytes and create a string.
' Loop through each byte of the hashed data and format each one as a hexadecimal string.
For nX = 0 To byData.Length -1
    sBuilder.Append(byData(nX).ToString("x2"))
Next
' Return the hexadecimal 
string.ReturnsBuilder.ToString().ToUpper
End Function

MD5 was intended to be a cryptographic hash function, and one of the useful properties for such a function is its collision-resistance. Ideally, it should take work comparable to around 264264 tries (as the output size is 128128 bits, i.e. there are 21282128 different possible values) to find a collision (two different inputs hashing to the same output). (Actually, brute-forcing this is today almost in the range of possible, so this alone would be a reason not to use any small-output hash function like MD5.)

http://www.mscs.dal.ca/~selinger/md5collision/ Explanation of how MD5 collisions occur
http://www.links.org/?p=6 MD5 Collisions Visualised

Passwords – Authentication

Passwords and passcodes are the most common way of authenticating users. Examples of their use includes the PIN (Personal Identifier Number) you use with your debit and credit card as well as the many passwords you are expected to remember when logging in to computer-based services.

https://www.youtube.com/watch?v=CjLwSLxwEk0 Continue reading “Passwords – Authentication”