From: Sergei Golubchik
Date: May 27 2011 4:06pm
Subject: Re: Why SHA256+salt authentication ?
List-Archive: http://lists.mysql.com/internals/38331
Message-Id: <20110527160615.GA5982@janus.mylan>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

Hi, Mats!

On May 27, Mats Kindahl wrote:
> >>> Or you just like it salted?
> >> Yes. It is suppose to make it more difficult to construct MySQL
> >> specific rainbow tables.
> > Agree.
> > We even tried to use salted hashes once, but had to revert it.
> 
> Just curios: why did you have to revert it?

It was introduced in 4.1.0 (as the first implementation of the "new
auth protocol"). And PASSWORD(string) returned a salted hash.

The problem was that PASSWORD() became non-deterministic - if you'd
repeat, say, SELECT PASSWORD("foobar"), you'd see different results.

And we found that an awful lot of users happened to use something like

  SELECT user, blabla, whatever FROM a_table WHERE pwd = PASSWORD($pass)

We tried educating them and so on, because, strictly speaking,
PASSWORD() should *only* be used for MySQL password hashes, and never
for hashing application level passwords. But it was hopeless
(--old-passwords option was not enough) and in 4.1.1 we've changed to a
salt-less hashes.

Perhaps Oracle will be better at user education (I doubt it), or better
at ignoring users' complains (which sounds quite possible) or just
lucky. Anyway - try it again, and good luck. Now you know the problem to
solve.

Regards,
Sergei

P.S. Disclaimer: the above is my recollection of the events that
happened in the middle of 2003, others may remember differently.