In your opinion, which one is better for generating a hash, whether for passowrds or hashing files, etc.?

Kindly include your opinion and reasoning of your preference.

Thanks.

both work about the same, md5 produces a 32 character value , as sha1 produces a 40 character. sha1 is basically just a new standard as md5 has been proven to be cracked / produce collisions, though this is nearly impossible it still can be done.

md5 is generally faster then sha1 , but sha1 is concidered to be more secure , its really all a matter of preference , i still use md5 myself

Thanks for the response! I'm wanting to get opinions like that because I'm looking at the implications involving a redesign of an old project that used md5 and the client's concerns about it from what they've heard elsewhere (not from their own experience), and was therefore a good candidate for using SHA1.

I've been mostly using md5 mostly for password retrieval as well as hashing files and the like, but the additional 8 bytes in SHA1 is examined for implications on optimization, the database, as well as development time, and thus wanted to know of real-world experiences that have shown significant differences in either, or suppored what is more popularly perceived as SHA1's security superiority.

I would say using md5 on a password+other text would be fine. The problem with just the password is that I've heard in a database of 3000 records there would be multiple duplicates. sha1 is more secure but making a smooth transition might not be easy.

if you want to use md5 for passwords then make sure your passwords are more than 8 signs and contains some lower/upper case chars plus special chars

hashes of simple alphanumeric passwords up to 8 chars can be bruteforce - there are few companies on the net that provide such service for few $

also really nasty hacker with few big hdd (best about 1 tb space) can create own db for bruteforcing md5 (there is enough howtos on the net).

for today cracking of sha1 or md5 is impossible but it is just a matter of time that someone will crack it
collisions were found in both sha1 and md5 and there is more waiting to be discovered - hashes just cant be unique - there is always some second string that will have the same hash - for now ppl just cant find it :)

As the others have implied, it's still far more efficient to hammer the password, rather than the hash, and SHA1 won't magically make your users choose less stupid passwords. Using the Unix/Linux md5 crypt() function will add an 8-character 'salt' into the mix to make that search more time consuming, but a dictionary attack is still quite feasible.

I still use md5, but I don't store anything that's worth several years of supercomputer resources.

Originally posted by unlucky1
I would say using md5 on a password+other text would be fine. The problem with just the password is that I've heard in a database of 3000 records there would be multiple duplicates. sha1 is more secure but making a smooth transition might not be easy.

It is much more likely that out of the 3000 users, some of those users chose the same password.

ex: http://www.tcs.hut.fi/~mjos/md5/

I prefer MD5 for ease and for compactablity. But I choose the algorithams based on the application and requirements.

http://www.schneier.com/crypto-gram-0409.html#3

check that url, its from bruce schneier (the guy that developed/invented the blowfish cryptographic algorithm) in his monthly crypto-gram newsletter. Rather than me paraphrasing, take a look..

its entitled 'Cryptanalysis of MD5 and SHA'