Forcing a password change for insecure password hashes (MD5)
-
Tuesday, 31st March, 2026
-
13:27pm
MD5 is no longer considered a secure method for cryptographic purposes due to its vulnerabilities, particularly its susceptibility to collision attacks and its speed, which makes it unsuitable for password hashing.
There are a number of accounts across our servers that haven't changed their passwords in a while, and are using the older MD5 hash. We are issuing a force-password-change for those accounts.
Please let us know if you have any questions.
The Siteocity Team
