Quote: funstuff234
Is there an algorithm for your codes, or do you just make them up based on your specific stuff....
(Don't know if that makes sense figuring it's SHA1)

You guys are pretty interested in this, eh?
The codes are generated by hashing a string containing a number of variables. Even with the assumption of brute-force attacks being attempted on the codes, they are still extremely secure - even if someone cracked the code, that code is one-time-use and linked to the email address it was sent to. If the person who received that code had already signed up, cracking it does nothing. Even with the insight you would gain from cracking the code, it would also be impossible to generate new ones, because the API for doing so is behind authentication, unpublished and undocumented.
To put it plainly, cracking a beta code is probably the single most difficult way to gain access to amoebaOS. In reality, I am certainly the weak point in this chain, and a little bit of social engineering would get anyone the beta code they need pretty easily.
It's not impossible to "unhash" MD5 (decrypt or decipher would be a better term). Actually, it's extremely fast compared to most other cryptographic algorithms, because MD5 was designed for speed, not security. amoebaOS will begin migrating to Blowfish encrypted passwords soon, which will be much more secure.
__________________________________________
- Jason
|| developer amoebaOS
@ developIT
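
The properties described in the post above (a code derived by hashing several variables, single use, tied to the email address it was sent to), as an added example that is not part of the original post and is not amoebaOS code. It assumes a keyed HMAC-SHA256 in place of a plain hash, and the class and method names are hypothetical.

```python
import hashlib
import hmac
import secrets


class InviteCodes:
    """Email-bound, one-time beta codes (hypothetical design for illustration)."""

    def __init__(self, server_key: bytes):
        self._key = server_key      # secret held only by the issuing server
        self._issued = {}           # normalized email -> [nonce, redeemed?]

    @staticmethod
    def _norm(email: str) -> str:
        return email.strip().lower()

    def _code(self, email: str, nonce: bytes) -> str:
        # Keyed hash over the variables; without the key, knowing the
        # inputs of one code does not let anyone mint another.
        msg = email.encode("utf-8") + b"\x00" + nonce
        digest = hmac.new(self._key, msg, hashlib.sha256).hexdigest()
        return digest[:20]          # 80 bits, short enough to email

    def issue(self, email: str) -> str:
        email = self._norm(email)
        nonce = secrets.token_bytes(16)   # fresh randomness per code
        self._issued[email] = [nonce, False]
        return self._code(email, nonce)

    def redeem(self, email: str, code: str) -> bool:
        email = self._norm(email)
        record = self._issued.get(email)
        if record is None:
            return False            # no code was ever sent to this address
        nonce, used = record
        expected = self._code(email, nonce)
        # Constant-time comparison avoids leaking how many characters match.
        matches = hmac.compare_digest(expected.encode(), code.encode("utf-8"))
        if not matches or used:
            return False            # wrong code, or already spent
        record[1] = True            # burn the code on first successful use
        return True
```
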