PHK's MD5 might not be slow enough anymore

Roger rnodal at gmail.com
Thu Jan 28 22:53:51 UTC 2010


>
> The point of slowing down the algorithm is to protect against off-line
> attack where an attacker has gained access to a copy of master.passwd.

When you say "off-line attack", do you refer to the attacker running a
brute force attack on his/her machine?
I'm assuming that by using a slow algorithm the attacker is forced to
use the same slow algorithm to check the passwords?

> Any hashing has to be done when the password is set, so it's fixed
> thereafter.

What do you mean by that?

Thank you very much for taking the time to answer.

-r
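
An added example, not part of the message above or of FreeBSD's code: it shows the two quoted points, that a guess against a copied hash costs the same work as a login check, and that the cost is fixed in the stored record when the password is set. PBKDF2-HMAC-SHA256 stands in for the MD5-based scheme, and the record format, function names and sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def set_password(password, iterations, salt=None):
    """Hash once, at set time. Salt and cost are stored in the record itself."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{iterations}${salt.hex()}${digest.hex()}"  # hypothetical record format

def check(record, guess, counter=None):
    """Verify one guess; login and an off-line guesser run this same computation."""
    iterations, salt_hex, digest_hex = record.split("$")
    if counter is not None:
        counter["rounds"] += int(iterations)
    candidate = hashlib.pbkdf2_hmac(
        "sha256", guess.encode(), bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate.hex(), digest_hex)

def guessing_cost(record, wordlist):
    """Return (match, hash rounds spent) for trying a wordlist against one record."""
    counter = {"rounds": 0}
    for word in wordlist:
        if check(record, word, counter):
            return word, counter["rounds"]
    return None, counter["rounds"]

def needs_rehash(record, current_iterations):
    """A stored record keeps its old cost until the password is set again."""
    return int(record.split("$")[0]) < current_iterations

if __name__ == "__main__":
    # Constructed sample data: one password stored at two different costs.
    words = ["123456", "letmein", "hunter2"]
    salt = b"constructed-salt"
    for cost in (1000, 50000):
        record = set_password("hunter2", cost, salt)
        match, rounds = guessing_cost(record, words)
        print(f"cost={cost}: matched {match!r} after {rounds} hash rounds")
    old = set_password("hunter2", 1000, salt)
    print("old record still at old cost:", needs_rehash(old, 50000))
```
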

