there are several factors here
one is that the password generated here is equivalent to a 6 lower-upper-alpha-numeric text password [confirmed by several of the field] and to be true i am not good with permutatiaons or combinations theorie but im sure this will have the same complexity as of a 6 char password
this is for 5x5 grid
and there's no limit for the extendibility of the grid, although it would not be very nice to have a very big one
in the above code, i'm sure you will have more time with md5
implemented, but anyway if you got a super computer or stuff you can easily crack any hash, just like any other password, this too has weakness
[how ever many suggested of having some algorithms to convert the binary data to another form though some mathematical translation, i would try making one in next releases
and on the other hand, who on the hell there days would not prevent from their DB's leeching or getting injected?