> Hi all, > > I can't find a description of the algorithm used in the mySQL PASSWROD > function. I understand it's a hashing algorithm of some kind, but I > don't know which algorithm (and I suspect it's *not* MD5.) > > Can anyone tell me what algorithm PASSWORD uses? The reason I ask is > that we're trying to implement role-based security using our existing > MySQL table of users, accessed via Java Servlet auth functions, which > can read the User table through JDBC. BUT.... they don't know anything > about PASSWORD-encrypted passwords, so I need to write something that > hashes the password entered in the same way MySQL hashes a password (or > abandon the use of servlet auth :-) > > Any clues?
How about using the PASSWORD function directly? SELECT PASSWORD('thepassword'), Password FROM user WHERE User='username'; -- if they match, the unencrypted password matches. Alternatively, SELECT PASSWORD('thepassword')=Password FROM user WHERE User='username'; will return 1 on a match, 0 on non-match (watch out for nonexisting usernames). / Carsten -- Carsten H. Pedersen keeper and maintainer of the bitbybit.dk MySQL FAQ http://www.bitbybit.dk/mysqlfaq --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php