Bruce Schneier, a security expert, talks about a new set of MD5 collisions generated by two researchers in Bochum. This renders MD5 not safe, i.e. completely useless. A very interesting read indeed.

For those of you who have never heard of MD5 before, a simple explanation is in order. Keep in mind that I am not a cryptography expert, and I am trying to understand these things myself.

The MD4, MD5 and SHA-1 algorithms are secure hash functions. They take a string input, and produce a fixed size number - 128 bits for MD4 and MD5; 160 bits for SHA-1. This number is a hash of the input - a small change in the input results in a substantial change in the output. The uses of secure hashes include digital signatures and challenge hash authentication.

This document is a good introduction to hash. While many people view MD5 not safe. But for a web site it is generally more than enough. "JavaScript Here." There are other hash-functions that are still considered secure, Tiger for instance, and SHA-2.