The main reason not to use MD5 for password hashing is not the fact that MD5 is badly compromised or even considered broken.
True, MD5 has known vulnerabilities. But none of them pose a serious threat to your use of MD5, because in your case the only threat would be a preimage attack, where an attacker tries to find a preimage of a known hash, e.g. the password for a known (salted) password hash. The well-known preimage attack against MD5 is probably only theoretical and reduces the effort from 2^128 to 2^123.4, which is not a big advantage. A brute-force attack with an average of 2^64 is even more promising.
No, the main reason not to use MD5 is that MD5 is too fast. With today's affordable computers, you can generate and test 7190M MD5 hashes per second. All 8-character alphanumeric combinations can be brute-forced in about 8.5 hours, with or without salt.
In contrast, with a hash function such as bcrypt $2a$, you can generate and test only 4085 hashes per second, so only 0.00005682% of the number of MD5 hashes. With bcrypt $2a$ you would need 1694 years for the same attempt.
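The speed argument above, as an added example that is not part of the original answer: it reproduces the answer's exhaust-time figures from its two hash rates and measures the same gap on the local CPU. PBKDF2-HMAC-SHA256 from Python's standard library stands in for bcrypt here (bcrypt is not in the standard library); the function names and the 100,000-iteration setting are assumptions.

```python
import hashlib
import os
import time

ALNUM = 62  # a-z, A-Z, 0-9
YEAR = 365.25 * 86400

def exhaust_seconds(rate_per_s, length=8, alphabet=ALNUM):
    """Seconds needed to hash every candidate of this length at the given rate."""
    return alphabet ** length / rate_per_s

def human(seconds):
    """Render a duration in the largest fitting unit."""
    for unit, size in (("years", YEAR), ("days", 86400), ("hours", 3600)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:,.1f} seconds"

def fast_md5(password, salt):
    # Salted MD5: the salt stops precomputed tables, not raw guessing speed.
    return hashlib.md5(salt + password).digest()

def slow_kdf(password, salt, iterations=100_000):
    # Stand-in for bcrypt: the iteration count is a tunable work factor.
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations)

def measure_rate(hash_fn, min_seconds=0.2):
    """Hashes per second for hash_fn(password, salt), single thread, this machine."""
    salt = os.urandom(16)
    n = 0
    start = time.perf_counter()
    while True:
        hash_fn(b"candidate%d" % n, salt)
        n += 1
        elapsed = time.perf_counter() - start
        if elapsed >= min_seconds:
            return n / elapsed

def report():
    rows = [
        ("MD5, rate quoted in the answer", 7190e6),
        ("bcrypt $2a$, rate quoted in the answer", 4085),
        ("MD5, measured here (1 CPU thread)", measure_rate(fast_md5)),
        ("PBKDF2-SHA256 100k, measured here", measure_rate(slow_kdf)),
    ]
    return [(name, rate, human(exhaust_seconds(rate))) for name, rate in rows]

if __name__ == "__main__":
    for name, rate, duration in report():
        print(f"{name:40s} {rate:>16,.0f} H/s  {duration}")
```

The measured rows will be far below the quoted ones because they use one CPU thread; the ratio between the fast and slow function is the figure to look at when choosing a work factor.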