On md5 hashes, salting and secure passwords:
- Hackerthreads has a thread on salts and passwords
- Wikipedia’s entry on Salt
- Wikipedia’s entry on Rainbow Tables, a data structure used in retrieving plain text passwords from hashes
- CITS has a nice story of generating poisoned md5 hash messages
- Jeff Atwood (of Coding Horror fame) also has a blog entry on Rainbow hash cracking
- Yet another entry on Rainbow password cracking
- A nice intuitive explanation of Rainbow Tables with diagrams
- Matasano has a more detailed overview of secure password schemes
