List:General Discussion« Previous MessageNext Message »
From:Lowell Allen Date:November 24 2005 3:48am
Subject:4.1 password problem
View as plain text  
I have a PHP application that stores member-access passwords in a char 
column. When the passwords were stored, they were written to the 
database using the PASSWORD() function. Each hashed password is 16 
characters long. When a member logs in, the plain text password 
submitted is run through the PASSWORD() function and compared to the 
stored hash. After MySQL was upgraded to 4.1.11, the PASSWORD() function 
now creates a 41 character hash, which of course doesn't match the 16 
character hash. I understand it's possible to restart the MySQL server 
with the --old-passwords option so that PASSWORD() will create the old 
style short hash, but I'm looking for a way to convert the short hash 
values into comparable long hash values. (I don't want to ask 1200+ 
registered users to reset their passwords.) Apparently the upgrade 
procedure can successfully convert short-to-long hash values for MySQL 
user passwords ("user" in the sense of a MySQL user accessing the 
database itself), so surely there's a way to convert short hashed values 
to long hashed values for use within a PHP application. Any practical 
advice greatly appreciated.

Lowell Allen
4.1 password problemLowell Allen24 Nov
  • Re: 4.1 password problemFelix Geerinckx24 Nov
    • Re: 4.1 password problemLowell Allen24 Nov