If baffles me how any company that uses and stores customer passwords could neglect to update their encryption algorithm to something from at least this century. MD5 has been obsolete for over 8 years, and has some of the easiest vulnerabilities to crack. Hell, any computer with a Pentium 4 processor can crack the encryption in seconds.
Back in 1996 when the vulnerabilities were found it was recommended to use MD5 to run checksums to verify program and data integrity.
The funny part is the security guru’s told everyone to switch to SHA1, which was pretty much equally as susceptible.
So the folks over at Grow Diaries have neglected to update their security algorithm that has been outdated for 24 years… I hope the head of their IT department, and security person are looking for new jobs. There is no excuse for anyone to be running MD5 to hash passwords. Hell, as soon as quantum computers become reality, just about every encryption algorithm currently in existence will become obsolete.
Just giving users a chance to change their passwords
Been using computers since pc jr. The amount of data mining now, grobo included, is insane.
It never was like that or about that