How do I convert password hashing from MD5 to SHA?

Question

I\'ve got an old application that has user passwords stored in the database with an MD5 hash. I\'d like to replace this with something in the SHA-2 family.

I\'ve tho

Answer 1

I think you've already got the best possibilities. I like #1 more than #2, since there's no use for the md5 once the sha is set.

There's no way to reverse the MD5, so you have to wait for the user to authenticate again to create a new hash.