md5

Syntax

%md5(string)

Description

Returns hex-encoded text which was "scrambled" with the Message Digest 5 algorithm. The %md5 function is a standard, secure algorithm for "scrambling" text so that anyone who knows the original can perform verification without transmiting the original. This algorithm is portable and available in any language and environment.

Rather than storing passwords in a database, store the %md5() hashed username and password as a unique "id". Then, when a person logs in you check to see if their "id" is in the database. This way you can run an anonymous, secure database, where nobody, not even the DBA, can get access to a user's password!

(Note: md5 is considered by some to not be secure enough for this purpose. You may want to try %digest(sha512,%username%%password%) for this instead. The basic principle is the same, however. Even still, md5 is better than storing passwords in cleartext in a database, so please don't be tempted to do that! If you're even thinking about it for a second, take a look at http://www.codinghorror.com/blog/gawker-hack-release-notes.html and you'll change your mind.)

Example

%md5(hello)
5d41402abc4b2a76b9719d911017c592

is shorthand for

%digest(md5,hello)
5d41402abc4b2a76b9719d911017c592

See Also

sha | sha256 | digest