> Hi all,
>
> I can't find a description of the algorithm used in the mySQL PASSWROD
> function. I understand it's a hashing algorithm of some kind, but I
> don't know which algorithm (and I suspect it's *not* MD5.)
>
> Can anyone tell me what algorithm PASSWORD uses? The reason I ask is
> that we're trying to implement role-based security using our existing
> MySQL table of users, accessed via Java Servlet auth functions, which
> can read the User table through JDBC. BUT.... they don't know anything
> about PASSWORD-encrypted passwords, so I need to write something that
> hashes the password entered in the same way MySQL hashes a password (or
> abandon the use of servlet auth :-)
>
> Any clues?
How about using the PASSWORD function directly?
SELECT PASSWORD('thepassword'), Password
FROM user
WHERE User='username';
-- if they match, the unencrypted password matches.
Alternatively,
SELECT PASSWORD('thepassword')=Password
FROM user
WHERE User='username';
will return 1 on a match, 0 on non-match (watch out for
nonexisting usernames).
/ Carsten
--
Carsten H. Pedersen
keeper and maintainer of the bitbybit.dk MySQL FAQ
http://www.bitbybit.dk/mysqlfaq
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
