Note that MD5, while good, has lost favor within the "family"...
This part isn't exactly accurate. I'd putting it more like: MD5, while good
fifteen years ago, has
this last decade lost favor within the "family"... due to the fact that it is no longer strong enough to stand up to the processing power of modern hardware.
MD5 is a relatively weak hashing algorithm to begin with (128 bits). They got away with it 15-10 years ago because the hardware back then was also relatively weak. These days, even fairly easily affordable hardware can brute-force MD5 hashes pretty quickly, and
rainbow-tables for MD5 hashes are easy to generate with modern database software, effectively giving potential "hackers" a hash collision look-up table, removing the need to even brute-force or crack the hash at all.
And this is not even taking into account vulnerabilities in the algorithm itself, of which there are allegedly a few. Both MD5 and SHA1 have been known to succumb to collisions, which makes them weak candidates for any sort of security related hashing. (Despite the fact that those are the two of the most used algorithms for SSL/TLS signature hashes...)
The stronger SHA2 algorithm, the SHA256-SHA512 variants, are much better choices for that, although the old
"salted hash" methodology may no longer be suitable for things like password hashing at all, due to the ready availability of processing power these days. That's mostly thanks to the modern PC's ability to run multiple, easily programmable, extremely powerful graphics processing units (GPUs) in addition to their multi-processor, multi-core CPU capabilities.
For security purposes, you may want to consider using PBKDF2, bcrypt, or even scrypt. (In order from weakest to strongest... arguably.)
1
