MySQL Password Function – OLD_PASSWORD() and PASSWORD()

The PASSWORD() function in MySQL can generate a hash value for encrypted passwords, similar to md5() in PHP.

It is generally not recommended to use this function in an application as it is not particularly secure – it is intended for internal use.

If, however, your application uses the MySQL PASSWORD() function, you need to be aware that before MySQL 4.1, the function returns a 16-byte hash, and in MySQL 4.1 and later, the hash is 41 bytes.

This means that a change of hosting or database upgrade will most likely result in your application breaking.

Fortunately, the function OLD_PASSWORD() is available in MySQL 4.1 (and later) to replicate the original PASSWORD() function. If you need a temporary solution, use OLD_PASSWORD() but make sure you update your code to be more secure as soon as possible.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *