Dave wrote:
[snip]
I believe I will need to use the new password hashing algorithm, because
using the old one would require me to reconfigure the PHP code for the
forum, which would be a level of complexity beyond my capabilities.
So I now understand that I can not decrypt the passwords into any kind
of plain text and then re-encrypt them. And I also understand that the
most likely course of action from this point will be to get the users to
update their passwords.
However, just to double check and be 100% sure. Is there no way to
convert directly from one password field to the other? Something where
I, the administrator, can never see the plain text version of the password?
No, because that would require MySQL to 'see' the plain text version of
the password. For MySQL to do that, the proces would look something like:
PASSWORD()ed password ---> plain text ---> MD5ed password
The first link in that chain is mathematically impossible (even if you
never saw the plain text password, it would have to get to that stage in
order to be put through the MD5 algorithm).
--
Jasper Bryant-Greene
Freelance web developer
http://jasper.bryant-greene.name/
If you find my advice useful, please consider donating to a poor
student! You can choose whatever amount you think my advice was
worth to you. http://tinyurl.com/7oa5s
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
