AvoidUsingBrokenHashAlgorithms

Article
06/28/2023

Severity Level: Warning

Description

Avoid using the broken algorithms MD5 or SHA-1.

How

Replace broken algorithms with secure alternatives. MD5 and SHA-1 should be replaced with SHA256, SHA384, SHA512, or other safer algorithms when possible, with MD5 and SHA-1 only being utilized by necessity for backwards compatibility.

Example 1

Wrong

Get-FileHash foo.txt -Algorithm MD5

Correct

Get-FileHash foo.txt -Algorithm SHA256

Example 2

Wrong

Get-FileHash foo.txt -Algorithm SHA1

Correct

Get-FileHash foo.txt

Feedback

Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.

Submit and view feedback for

This page

View all page feedback

AvoidUsingBrokenHashAlgorithms

Description

How

Example 1

Wrong

Correct

Example 2

Wrong

Correct

Feedback

Feedback

Additional resources