MD5
ELI5 — The Vibe Check
MD5 is the old grandpa hash algorithm — fast, but full of holes. It was everywhere in the early internet, but hackers have found so many ways to break it that you should never use it for passwords or security. Fine for checksums on files you trust, terrible for anything that needs to be secure.
Real Talk
MD5 (Message Digest 5) produces a 128-bit hash value. It's cryptographically broken — collision attacks are feasible, meaning two different inputs can produce the same hash. It should never be used for security-sensitive purposes like password hashing or digital signatures.
Show Me The Code
import { createHash } from 'crypto';
// Sample input so the snippet runs on its own
const url = 'https://example.com/api/users?page=2';
// Only acceptable for non-security uses like cache keys
const cacheKey = createHash('md5').update(url).digest('hex');
// NEVER do this for passwords:
// const badHash = md5(password); // ❌ broken!
When You'll Hear This
"We found MD5 password hashes in the old database — migrate them ASAP." / "MD5 is fine for generating cache keys, not for security."
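One way to do the migration mentioned above, as an added example that is not code from the original page: each legacy MD5 password hash is replaced at the user's next successful login. It uses Node's built-in scrypt rather than bcrypt (which needs a third-party package); the record format, the unsalted legacy hashes and the function names are assumptions.

```javascript
const { createHash, scryptSync, randomBytes, timingSafeEqual } = require('node:crypto');

// Hypothetical stored record: { scheme: 'md5' | 'scrypt', salt?: hex, hash: hex }
function hashScrypt(password, salt = randomBytes(16)) {
  const hash = scryptSync(password, salt, 32); // slow, salted, memory-hard
  return { scheme: 'scrypt', salt: salt.toString('hex'), hash: hash.toString('hex') };
}

// Constant-time comparison of two hex digests
function equalHex(aHex, bHex) {
  const a = Buffer.from(aHex, 'hex');
  const b = Buffer.from(bHex, 'hex');
  return a.length === b.length && timingSafeEqual(a, b);
}

// Returns { ok, record }. `record` is what the caller should persist:
// unchanged on failure, upgraded to scrypt when a legacy MD5 hash verified.
function verifyAndUpgrade(password, record) {
  if (record.scheme === 'scrypt') {
    const candidate = hashScrypt(password, Buffer.from(record.salt, 'hex'));
    return { ok: equalHex(candidate.hash, record.hash), record };
  }
  if (record.scheme === 'md5') {
    // Assumed legacy format: unsalted hex MD5 of the password
    const legacy = createHash('md5').update(password).digest('hex');
    if (!equalHex(legacy, record.hash)) return { ok: false, record };
    // The plaintext is only available at login, so re-hash now and
    // let the new record replace the MD5 value entirely.
    return { ok: true, record: hashScrypt(password) };
  }
  return { ok: false, record }; // unknown scheme: fail closed
}

// Constructed sample row standing in for the "old database"
const legacyRow = {
  scheme: 'md5',
  hash: createHash('md5').update('correct horse').digest('hex'),
};

function demo() {
  const first = verifyAndUpgrade('correct horse', legacyRow);     // legacy login
  const second = verifyAndUpgrade('correct horse', first.record); // after upgrade
  const wrong = verifyAndUpgrade('wrong guess', first.record);
  return { first, second, wrong };
}
```

Accounts that never log in again keep their MD5 hash, so a migration like this still needs a cutoff after which remaining legacy records are invalidated and reset.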
Related Terms
Bcrypt
Bcrypt is the gold-standard password hasher that's intentionally slow.
Hashing
Hashing is a one-way blender for data. You throw a password in, it spits out a weird string of letters and numbers, and there's no way to reverse it.
SHA
SHA (Secure Hash Algorithm) is a family of blenders for data.