John Kemp writes:
> Hi all,
> I can't find a description of the algorithm used in the mySQL PASSWROD
> function. I understand it's a hashing algorithm of some kind, but I
> don't know which algorithm (and I suspect it's *not* MD5.)
> Can anyone tell me what algorithm PASSWORD uses? The reason I ask is
> that we're trying to implement role-based security using our existing
> MySQL table of users, accessed via Java Servlet auth functions, which
> can read the User table through JDBC. BUT.... they don't know anything
> about PASSWORD-encrypted passwords, so I need to write something that
> hashes the password entered in the same way MySQL hashes a password (or
> abandon the use of servlet auth :-)
> Any clues?
> John Kemp,
> Director, Software Development
> Streetmail Inc.
We use our own hash algorithm with usage of salt.
Take a look at sql/password.c ...
__ ___ ___ ____ __
/ |/ /_ __/ __/ __ \/ / Mr. Sinisa Milivojevic <sinisa@stripped>
/ /|_/ / // /\ \/ /_/ / /__ MySQL AB, Fulltime Developer
/_/ /_/\_, /___/\___\_\___/ Larnaca, Cyprus