Hello, If you use MD5 for storing passwords in a table and then you export your DB and import it to a new host, will the new host MySQL server be able to decrypt the old passwords? -J
I have a question... what is the purpose of using md5 to store data in the database if md5 can be cracked?
So are you saying if I'd move to a new host, all frontend users of my site would have to create new passwords?
Yes, new DB host will be able to read that DB, because password are saved as string, and that string is generated before by md5. The application that is using that password is checking is MD5 of some password (that is checking) is equal to hashed password (string/data) from your DB. First it's better than using just a plain text, so no one can figure someones password just by quick looking into DB. Yes, MD5 isn't unbreakable, but it's pretty much secure, if is using on proper way. You can increase time for cracking by using salted passwords. Question you need to ask is "How someone have got access to database?".
I think it would help if you understood how a MD5 hash with mySQL works, when the user creates a password it is encrypted using a one-way algorithm and stored in the mySQL database. When checking the login details, we encrypt using the same one-way algorithm the users inputted password and then see if it has the same hash as the account password. This way even if a hacker gets a hold of your mySQL database they will have to crack all the hashes and will not have the plaintext passwords without a lot of work (they will try using brute force or rainbow tables).