diff --git a/htdocs/core/class/CMailFile.class.php b/htdocs/core/class/CMailFile.class.php
index a289b43c4a9..5288dc635cb 100644
--- a/htdocs/core/class/CMailFile.class.php
+++ b/htdocs/core/class/CMailFile.class.php
@@ -118,10 +118,10 @@ class CMailFile
$this->mixed_boundary = "multipart_x." . time() . ".x_boundary";
// On defini related_boundary
- $this->related_boundary = 'mul_'.dol_hash(uniqid("dolibarr2"));
+ $this->related_boundary = 'mul_'.dol_hash(uniqid("dolibarr2"), 3); // Force md5 hash (does not contains special chars)
// On defini alternative_boundary
- $this->alternative_boundary = 'mul_'.dol_hash(uniqid("dolibarr3"));
+ $this->alternative_boundary = 'mul_'.dol_hash(uniqid("dolibarr3"), 3); // Force md5 hash (does not contains special chars)
// If ending method not defined
if (empty($conf->global->MAIN_MAIL_SENDMODE)) $conf->global->MAIN_MAIL_SENDMODE='mail';
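Review bot: The comment added on the two boundary lines ("Force md5 hash (does not contains special chars)") is ungrammatical and states the mechanism rather than the reason; the same comment is repeated at the cid line in the next hunk and in rssparser.class.php. Since the new `$type == 3` branch in dol_hash returns before the MAIN_SECURITY_HASH_ALGO checks, the reason is that a configured algorithm can no longer change what ends up in a MIME boundary, so I would write it once as `// type 3 = md5: keeps the boundary hex-only whatever MAIN_SECURITY_HASH_ALGO is set to`. The constructor this sits in starts and ends outside the hunk.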
@@ -971,7 +971,7 @@ class CMailFile
}
// cid
- $this->html_images[$i]["cid"] = dol_hash(uniqid(time()));
+ $this->html_images[$i]["cid"] = dol_hash(uniqid(time()), 3); // Force md5 hash (does not contains special chars)
$this->html = preg_replace("/src=\"$src\"|src='$src'/i", "src=\"cid:".$this->html_images[$i]["cid"]."\"", $this->html);
}
$i++;
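Review bot: The line right after the new cid assignment interpolates `$src` unescaped into the preg_replace pattern, so a src value containing a `/` or regex metacharacters (`?`, `+`, `(`) either breaks the pattern or matches something other than the literal attribute value. Escape it first: `$quotedsrc = preg_quote($src, '/');` and then `$this->html = preg_replace("/src=\"$quotedsrc\"|src='$quotedsrc'/i", "src=\"cid:".$this->html_images[$i]["cid"]."\"", $this->html);`. The loop this belongs to starts outside the hunk, so where `$src` comes from is not visible here.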
diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php
index 9985bcc0e81..f41aaa5d19e 100644
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -4401,7 +4401,7 @@ class Form
{
global $dolibarr_main_url_root;
$ret.='';
- $ret.='
';
+ $ret.='
'; // gravatar need md5 hash
}
else
{
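Review bot: The string literal being appended on the added line is not reproduced in this rendering, so the actual gravatar URL and what is hashed into it cannot be reviewed here; the only visible change is the trailing comment. Gravatar matches on the md5 of the trimmed, lowercased address, so if the hidden literal does not normalise the e-mail before calling dol_hash(..., 3) the avatar lookup will silently miss for addresses with capitals or surrounding spaces — please confirm. The enclosing method begins outside the hunk.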
diff --git a/htdocs/core/class/rssparser.class.php b/htdocs/core/class/rssparser.class.php
index d9a7d8348d6..5a156b1eda7 100644
--- a/htdocs/core/class/rssparser.class.php
+++ b/htdocs/core/class/rssparser.class.php
@@ -194,7 +194,7 @@ class RssParser
}
$this->_urlRSS = $urlRSS;
- $newpathofdestfile=$cachedir.'/'.dol_hash($this->_urlRSS);
+ $newpathofdestfile=$cachedir.'/'.dol_hash($this->_urlRSS,3); // Force md5 hash (does not contains special chars)
$newmask='0644';
//dol_syslog("RssPArser::parser parse url=".$urlRSS." => cache file=".$newpathofdestfile);
diff --git a/htdocs/core/class/smtps.class.php b/htdocs/core/class/smtps.class.php
index 61a098330c2..5c7d73eb136 100644
--- a/htdocs/core/class/smtps.class.php
+++ b/htdocs/core/class/smtps.class.php
@@ -1159,7 +1159,7 @@ class SMTPs
$this->_msgContent[$strType]['data'] = $strContent;
if ( $this->getMD5flag() )
- $this->_msgContent[$strType]['md5'] = dol_hash($strContent);
+ $this->_msgContent[$strType]['md5'] = dol_hash($strContent, 3);
//}
}
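Review bot: The 'md5' entry stored under the MD5 flag now always holds the hex output of md5(), but the hunk does not show where it is consumed; if it feeds a Content-MD5 header, RFC 1864 expects the base64 encoding of the raw 16-byte digest rather than a hex string, so `base64_encode(md5($strContent, true))` would be the correct form there — please check the consumer. The same change is made for attachments and images in the next two hunks of this file. The methods around these three lines start and end outside their hunks.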
@@ -1329,7 +1329,7 @@ class SMTPs
$this->_msgContent['attachment'][$strFileName]['data'] = $strContent;
if ( $this->getMD5flag() )
- $this->_msgContent['attachment'][$strFileName]['md5'] = dol_hash($strContent);
+ $this->_msgContent['attachment'][$strFileName]['md5'] = dol_hash($strContent, 3);
}
}
@@ -1356,7 +1356,7 @@ class SMTPs
$this->_msgContent['image'][$strImageName]['data'] = $strContent;
if ( $this->getMD5flag() )
- $this->_msgContent['image'][$strImageName]['md5'] = dol_hash($strContent);
+ $this->_msgContent['image'][$strImageName]['md5'] = dol_hash($strContent, 3);
}
}
// END DOL_CHANGE LDR
@@ -1487,8 +1487,8 @@ class SMTPs
function _setBoundary()
{
$this->_smtpsBoundary = "multipart_x." . time() . ".x_boundary";
- $this->_smtpsRelatedBoundary = 'mul_'.dol_hash(uniqid("dolibarr2"));
- $this->_smtpsAlternativeBoundary = 'mul_'.dol_hash(uniqid("dolibarr3"));
+ $this->_smtpsRelatedBoundary = 'mul_'.dol_hash(uniqid("dolibarr2"), 3);
+ $this->_smtpsAlternativeBoundary = 'mul_'.dol_hash(uniqid("dolibarr3"), 3);
}
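Review bot: `_setBoundary()` now passes a bare `3` to dol_hash on both boundary lines with no explanation, unlike the equivalent lines in CMailFile.class.php which at least carry a comment. A one-line comment above the two calls, `// type 3 = md5: boundary must stay hex-only regardless of MAIN_SECURITY_HASH_ALGO`, would spare the next reader a trip to security.lib.php. The function's docblock sits above the hunk and is not visible here.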
/**
diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index 87dfcf1367b..f00abaa339f 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -70,11 +70,11 @@ function dol_decode($chain)
/**
* Returns a hash of a string.
- * If constant MAIN_SECURITY_HASH_ALGO is defined, we use this function as hashing function (md5 by default)
- * If constant MAIN_SECURITY_SALT is defined, we use it as a salt
+ * If constant MAIN_SECURITY_HASH_ALGO is defined, we use this function as hashing function.
+ * If constant MAIN_SECURITY_SALT is defined, we use it as a salt.
*
* @param string $chain String to hash
- * @param int $type Type of hash (0:auto, 1:sha1, 2:sha1+md5)
+ * @param int $type Type of hash (0:auto, 1:sha1, 2:sha1+md5, 3:md5)
* @return string Hash of string
*/
function dol_hash($chain,$type=0)
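Review bot: The updated `@param` line lists the new type 3 but still leaves "0:auto" undefined, while the next hunk shows exactly what auto means: MAIN_SECURITY_HASH_ALGO if set (sha1 or sha1md5), otherwise md5. I would write `@param int $type Type of hash (0:auto = MAIN_SECURITY_HASH_ALGO if set, else md5; 1:sha1, 2:sha1+md5, 3:md5)`. The docblock's claim that MAIN_SECURITY_SALT is used as a salt is not visible in either hunk of this function, so please confirm it still holds before keeping that sentence. Since the default type is what send_password() and getRandomPassword() use elsewhere in this commit, it is also worth noting in the docblock that every supported type is a plain digest and not a password-hashing function.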
@@ -86,9 +86,12 @@ function dol_hash($chain,$type=0)
if ($type == 1) return sha1($chain);
else if ($type == 2) return sha1(md5($chain));
+ else if ($type == 3) return md5($chain);
else if (! empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO == 'sha1') return sha1($chain);
else if (! empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO == 'sha1md5') return sha1(md5($chain));
- else return md5($chain);
+
+ // No enconding defined
+ return md5($chain);
}
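Review bot: The new comment `// No enconding defined` has a typo and names the wrong concept, since the function selects a hash algorithm rather than an encoding; `// No hash algorithm configured: fall back to md5` says what the line does. Now that the final `return md5($chain);` is unconditional, the `else` on each preceding `if` is redundant and the chain reads more cleanly as plain `if (...) return ...;` lines. The comparisons use loose `==` on `$type`, which for an int parameter is harmless here but `===` would match the rest of the file's intent more precisely.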
diff --git a/htdocs/core/lib/security2.lib.php b/htdocs/core/lib/security2.lib.php
index 40dd2c03ac3..fe0c9809296 100644
--- a/htdocs/core/lib/security2.lib.php
+++ b/htdocs/core/lib/security2.lib.php
@@ -440,7 +440,7 @@ function encodedecode_dbpassconf($level=0)
/**
* Return a generated password using default module
*
- * @param boolean $generic true=Create generic password (a MD5 string), false=Use the configured password generation module
+ * @param boolean $generic true=Create generic password (use default crypt function), false=Use the configured password generation module
* @return string New value for password
*/
function getRandomPassword($generic=false)
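Review bot: The reworded `@param` says the generic password comes from the "default crypt function", but nothing on this page calls crypt(); elsewhere in the commit the generic value is described as the output of dol_hash, which is a digest (md5 unless MAIN_SECURITY_HASH_ALGO is set). `@param boolean $generic true=Create generic password (a dol_hash() digest, md5 unless MAIN_SECURITY_HASH_ALGO is set), false=Use the configured password generation module` would describe it accurately. The function body is outside the hunk, so this is based on the test comment and security.lib.php changes in the same diff.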
diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php
index 91f85d4cb0b..ffde48c2ada 100644
--- a/htdocs/user/class/user.class.php
+++ b/htdocs/user/class/user.class.php
@@ -1154,7 +1154,7 @@ class User extends CommonObject
$this->error = $langs->trans("ErrorBadEMail",$this->email);
return -1;
}
-
+
$this->db->begin();
// Mise a jour autres infos
@@ -1539,7 +1539,7 @@ class User extends CommonObject
$mesg.= $outputlangs->transnoentitiesnoconv("Password")." = ".$password."\n\n";
$mesg.= "\n";
$mesg.= $outputlangs->transnoentitiesnoconv("YouMustClickToChange")." :\n";
- $url = $urlwithroot.'/user/passwordforgotten.php?action=validatenewpassword&username='.$this->login."&passwordmd5=".dol_hash($password);
+ $url = $urlwithroot.'/user/passwordforgotten.php?action=validatenewpassword&username='.$this->login."&passwordhash=".dol_hash($password);
$mesg.= $url."\n\n";
$mesg.= $outputlangs->transnoentitiesnoconv("ForgetIfNothing")."\n\n";
dol_syslog(get_class($this)."::send_password url=".$url);
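Review bot: The hash placed in the renamed `passwordhash` query parameter is the only thing that authorises the reset in passwordforgotten.php, and the unchanged dol_syslog call on the last line of the hunk writes the complete URL, hash included, to the log; anyone who can read the log can complete the reset for that user. Log the event without the token: `dol_syslog(get_class($this)."::send_password reset link sent for login=".$this->login);`. Note also that both this line and the check in passwordforgotten.php call dol_hash with the default type, so the link only validates while MAIN_SECURITY_HASH_ALGO is unchanged between sending and clicking. The surrounding method starts and ends outside the hunk.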
diff --git a/htdocs/user/passwordforgotten.php b/htdocs/user/passwordforgotten.php
index 4d7422109bf..44377f6168c 100644
--- a/htdocs/user/passwordforgotten.php
+++ b/htdocs/user/passwordforgotten.php
@@ -49,7 +49,7 @@ $mode=$dolibarr_main_authentication;
if (! $mode) $mode='http';
$username = GETPOST('username');
-$passwordmd5 = GETPOST('passwordmd5');
+$passwordhash = GETPOST('passwordhash');
$conf->entity = (GETPOST('entity') ? GETPOST('entity') : 1);
// Instantiate hooks of thirdparty module only if not already define
@@ -68,7 +68,7 @@ if (GETPOST('dol_use_jmobile') || ! empty($_SESSION['dol_use_jmobile']))
*/
// Validate new password
-if ($action == 'validatenewpassword' && $username && $passwordmd5)
+if ($action == 'validatenewpassword' && $username && $passwordhash)
{
$edituser = new User($db);
$result=$edituser->fetch('',$_GET["username"]);
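Review bot: The line after the renamed condition still reads `$_GET["username"]` directly, although `$username` was already populated via GETPOST('username') in the previous hunk and is what the condition tests; the two can disagree when the value arrives by POST, in which case the condition passes but the fetch runs with an empty login. Use the same variable: `$result=$edituser->fetch('', $username);`. The block continues past the end of the hunk.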
@@ -78,7 +78,7 @@ if ($action == 'validatenewpassword' && $username && $passwordmd5)
}
else
{
- if (dol_hash($edituser->pass_temp) == $passwordmd5)
+ if (dol_hash($edituser->pass_temp) == $passwordhash)
{
$newpassword=$edituser->setPassword($user,$edituser->pass_temp,0);
dol_syslog("passwordforgotten.php new password for user->id=".$edituser->id." validated in database");
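Review bot: The renamed comparison on the first changed line still uses loose `==` between the computed hash and the user-supplied `$passwordhash`; in PHP, `==` on two numeric-looking strings compares them as numbers, so hex digests of a particular shape can compare equal to unrelated strings, and the comparison is not constant-time either. Use `if (hash_equals(dol_hash($edituser->pass_temp), (string) $passwordhash))`, or at minimum `===` if the supported PHP version predates hash_equals(). `$passwordhash` comes from GETPOST without any type filter in the first hunk of this file, so casting it to string before the comparison also avoids a TypeError on array input. The if/else block this sits in starts before the hunk.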
diff --git a/test/phpunit/SecurityTest.php b/test/phpunit/SecurityTest.php
index 0d92aee8b76..e7160939532 100755
--- a/test/phpunit/SecurityTest.php
+++ b/test/phpunit/SecurityTest.php
@@ -227,7 +227,7 @@ class SecurityTest extends PHPUnit_Framework_TestCase
{
global $conf;
- $genpass1=getRandomPassword(true); // Should be a MD5 string return by dol_hash
+ $genpass1=getRandomPassword(true); // Should be a string return by dol_hash (if no option set, will be md5)
print __METHOD__." genpass1=".$genpass1."\n";
$this->assertEquals(strlen($genpass1),32);