The 'user' table in the 4.3.7 chapter is a table used by the authentication
system in MySQL :)
Jocelyn
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: "Jocelyn Fournier" <[EMAIL PROTECTED]>; "Grégoire Dubois"
<[EMAIL PROTECTED]>
Cc: "'Mysql'" <[EMAIL PROTECTED]>
Sent: Thursday, June 19, 2003 12:42 AM
Subject: RE: Can we crypt passwords on MySQL
> Strange...
>
> This is what the online manual says in "4.3.7 Setting up passwords":
>
> >>>>>>>
> Passwords must be encrypted when they are inserted in the user table, so
the
> INSERT statement should have been specified like this instead:
>
> mysql> INSERT INTO user (Host,User,Password)
> -> VALUES('%','jeffrey',PASSWORD('biscuit'));
>
> You must also use the PASSWORD() function when you use SET PASSWORD
> statements:
>
> mysql> SET PASSWORD FOR jeffrey@"%" = PASSWORD('biscuit');
> <<<<<<<
>
> However in "6.3.6.2 Miscellaneous Functions" it says indeed:
>
> >>>>
> PASSWORD(str)
> OLD_PASSWORD(str)
> [...]
> Note: The PASSWORD() function is used by the authentication system in
MySQL
> Server, you should NOT use it in your own applications. For that purpose,
> use MD5() or SHA1() instead. Also see RFC-2195 for more information about
> handling passwords and authentication securely in your application.
> <<<<
>
> Whom to believe?
>
> Lian
>
>
> > -----Original Message-----
> > From: Jocelyn Fournier [mailto:[EMAIL PROTECTED]
> > Sent: Friday, June 27, 2003 1:19 AM
> > To: [EMAIL PROTECTED]; Grégoire Dubois
> > Cc: 'Mysql'
> > Subject: Re: Can we crypt passwords on MySQL
> >
> >
> > Hi,
> >
> > Using PASSWORD function to crypt password is not recommended, it's
mainly
> > used for internal mysql password encryption.
> > Prefer using MD5/SHA1 functions to encrypt a password.
> >
> > Regards,
> > Jocelyn
> >
> >
> > ----- Original Message -----
> > From: <[EMAIL PROTECTED]>
> > To: "Grégoire Dubois" <[EMAIL PROTECTED]>
> > Cc: "'Mysql'" <[EMAIL PROTECTED]>
> > Sent: Thursday, June 19, 2003 12:14 AM
> > Subject: RE: Can we crypt passwords on MySQL
> >
> >
> > > There is a PASSWORD('your_clear_text_password_here') function
> > you can use
> > > wherever you define a new password. See the manual for more.
> > >
> > > Lian
> > >
> > >
> > > > -----Original Message-----
> > > > From: Grégoire Dubois [mailto:[EMAIL PROTECTED]
> > > > Sent: Thursday, June 19, 2003 12:55 AM
> > > > Cc: 'Mysql'
> > > > Subject: Can we crypt passwords on MySQL
> > > >
> > > >
> > > > Hi all,
> > > >
> > > > Is it possible to crypt the passwords on MySQL. If yes, how does it
> > > > work, and how is it to be implemented.
> > > > Any link would be great.
> > > >
> > > > Thank you.
> > > > Grégoire Dubois.
> > > >
> > > >
> > > > --
> > > > MySQL General Mailing List
> > > > For list archives: http://lists.mysql.com/mysql
> > > > To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
> > > >
> > >
> > >
> > > --
> > > MySQL General Mailing List
> > > For list archives: http://lists.mysql.com/mysql
> > > To unsubscribe:
> http://lists.mysql.com/[EMAIL PROTECTED]
> >
> >
>
>
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
