MySQL

:: DEVELOPER ZONE

Login / Register

  • MySQL.com
  • Developer Zone
  • Partners
  • Online Shop
  • Downloads
  • Documentation
  • Forums
  • Lists
  • Bugs
  • Events
  • User Groups
  • Guilds
  • Blogs
  • Support
  • Resources
  • Books
  • FAQ

MySQL 3.23, 4.0, 4.1 Reference Manual :: 5 Database Administration :: 5.7 The MySQL Access Privilege System :: 5.7.9 Password Hashing as of MySQL 4.1 :: 5.7.9.1 Implications of Password Hashing Changes for Application Programs

  • Overview
  • MySQL Reference Manual
  • 3.23, 4.0, 4.1
  • 5.0
  • 5.1
  • MaxDB Documentation

Search the MySQL manual:


  • MySQL 3.23, 4.0, 4.1 Reference Manual

  • 5.7.9 Password Hashing as of MySQL 4.1
  • 5.7.9.1 Implications of Password Hashing Changes for Application Programs
  • 5.7.9.2 Password Hashing in MySQL 4.1.0

Get the MySQL Language Reference and MySQL Administrator's Guide from MySQL Press!


Get Support with MySQL Network today!

Order from our online shop and get technical support from MySQL engineers today.

 

Get Support Now ��

 

Learn about new MySQL releases, technical articles, events and more.

Subscribe to the monthly MySQL Newsletter!


Previous / Next / Up / Table of Contents

5.7.9.1. Implications of Password Hashing Changes for Application Programs

An upgrade to MySQL 4.1 can cause a compatibility issue for applications that use PASSWORD() to generate passwords for their own purposes. Applications really should not do this, because PASSWORD() should be used only to manage passwords for MySQL accounts. But some applications use PASSWORD() for their own purposes anyway.

If you upgrade to 4.1 and run the server under conditions where it generates long password hashes, an application that uses PASSWORD() for its own passwords breaks. The recommended course of action is to modify the application to use another function, such as SHA1() or MD5(), to produce hashed values. If that is not possible, you can use the OLD_PASSWORD() function, which is provided to generate short hashes in the old format. But note that OLD_PASSWORD() may one day no longer be supported.

If the server is running under circumstances where it generates short hashes, OLD_PASSWORD() is available but is equivalent to PASSWORD().

PHP programmers migrating their MySQL databases from version 4.0 or lower to version 4.1 or higher should see Section 17.3, ���MySQL PHP API���.

Previous / Next / Up / Table of Contents



User Comments

Add your own comment.

Top / Previous / Next / Up / Table of Contents



�� 1995-2006 MySQL AB. All rights reserved.

  • About MySQL
  • Careers
  • Site Map
  • Contact Us
  • Legal
  • Privacy Policy
  • Trademark Info
  • No Software Patents!