MD5 vs SHA-1

MD5 (128-bit) and SHA-1 (160-bit) are obsolete for security because practical collisions exist. They remain in some legacy protocols but should be phased out in favor of SHA-256 or newer hash functions.

For passwords, do not use plain hashes. Prefer PBKDF2 or modern KDFs. For message integrity, use HMAC-SHA256. Maintain backward compatibility by publishing multiple digests during a transition.

Related tools

Try: SHA-1, SHA-256, PBKDF2

FAQ

Are MD5 and SHA-1 ever acceptable?

Only for legacy compatibility and non-adversarial checksums. For security or signatures, both are deprecated due to collisions.

How should I migrate?

Support SHA-256 alongside existing hashes, update clients, then deprecate MD5/SHA-1. For passwords, move to PBKDF2/scrypt/Argon2.