[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


Maximum MD5 Value for 20-Character Password

Posted on 2007-07-23
Medium Priority
Last Modified: 2008-02-01
I'm writing an application that stores encrypted passwords using the MD5 functionality provided in .NET.

I've restricted the plain-text password field in the application to 20 characters and I now need to know if the MD5 hash value itself will ever exceed 20 characters (for storage purposes).

If the user can type 20-characters into a plain-text field, what is the maximum length of the MD5 character string that could be generated?

Question by:sterrius
LVL 18

Accepted Solution

PowerIT earned 1000 total points
ID: 19546312
MD5 is a fixed size 128-bit hash. So it is always 128/8 = 16 bytes long. It is usually represented as a 32 hex character string.
So if you will store it as a binary then the size is always 16.
If you will store it as hex then the size is always 32.

LVL 53

Expert Comment

ID: 19546566
I don't have anything to add to PowerIT's excellent answer, but in case you want to know more about MD5, this is a nice source of information :


Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question