Over the years of programming I've seen many programmers incorrectly seed an md5/sha1 hash by using hex values as a string. I find this to be less effective at stopping a brute force attack on a hash, this is starting become of greater concern due to faster CPUs as well as GPU acceleration for computation.