I think your passwords would be easy to crack. One they appear to be set to a max length of 25 characters. Add on the fact that it only allows two digits 0 and 1, this makes it super easy to crack. A program in C could crack in in no time, one in php could do it in a few minutes. Its to limited with just 2 digits and a max set of 25. If they input the correct sequence the MD5 hash doesn't matter because the password would match the hash stored in the database for that user.

The function below if ran through a cron could crack your password easy and fast. Each number takes about 0.0016 s to run so in a minute or so I could crack one password.

PHP Code:
<?php
function antiZoints()
{
    
$maxChar 25;//set max limit
    
$vals = array(0,1);// set values to be used
    
$i 0;
    
$pass 0;
        for (
$i 0$i $maxChar$i++)
        {
            
$pass .= $vals[rand(0,1)];
        }
        
        return 
$pass;
}

echo 
antiZoints();
?>

Last edited by pein87; 9Aug2011 at 05:52..