Hardly an issue with MD5, more an issue with lack of salting.

[timdavies]

This script doesn't really show issues with MD5 but more silly programmers who don't salt their hashes. Search for a SHA-512 hash of a word and chances are you'll find it (perhaps not as frequently as MD5 but then again MD5 is more popular).

So with that in mind, why not allow other algorithms such as SHA-512?

[juuso]

You're right. It's not an issue with MD5. It's an issue with using plain MD5. Just like with plain saltless anything. MD5 just makes a good example, as it's easily findable by Google.

[bstaz]

This is more than just plain MD5 hashing. The hash also has to represent a stupid password. This is for all intents and purposes a rainbow table cracker that uses Google as it's backend.

[juuso]

bstaz, that very much depends on how you define a "stupid" password. You can solve a lot of passwords with Google, not just the traditional trivial ones in most wordlists. Just as an example, you can solve the password "j9W8V8Ya" using Google. You might define it as a stupid one, but there are a lot of people who would consider it reasonable.

Also, I think you mean "lookup table" instead of "rainbow table". They're not the same thing. You might want to check out http://en.wikipedia.org/wiki/Rainbow_table, it's interesting stuff.