Re: Transfer ENCRYPT password field to another server
From: Johan De Meersman vegiv...@tuxera.be To:J Gao j...@veecall.com @ 2013-07-19 From: J Gao j...@veecall.com Subject: Transfer ENCRYPT password field to another server So, is there a way to make the MySQL encrypted password string 2I6JOeg.JukJ. convert to MD5 hash $1$.? Nope. Encrypt() calls unix crypt(), which is really more a hash - you can't go back to the original. The proper way to handle this, is to notify the users that passwords will expire upon moving to the new system, and sending each of them a personal, unique link to set their new password. If in a hurry, yes indeed. To limit impact on your most active users, you can usually do something like on the application side for a while before migrating: 1) On login, try new hash method first 2) On fail, try old hash method 3) If old hash method succeeds, update hash to new hash method (or store it in a new location), as you now temporarily have the actual password. 4) After most active users have thus 'upgraded their password by just logging in', send out an e-mail to those who haven't with the (re)set password link Johan mentions, and retire the old hash method. (Do keep in mind password resets etc. also need to know about the multiple hashing methods in use.) -- Rik Wasmus -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/mysql
Re: Transfer ENCRYPT password field to another server
- Original Message - From: J Gao j...@veecall.com Subject: Transfer ENCRYPT password field to another server So, is there a way to make the MySQL encrypted password string 2I6JOeg.JukJ. convert to MD5 hash $1$.? Nope. Encrypt() calls unix crypt(), which is really more a hash - you can't go back to the original. The proper way to handle this, is to notify the users that passwords will expire upon moving to the new system, and sending each of them a personal, unique link to set their new password. -- Unhappiness is discouraged and will be corrected with kitten pictures. -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/mysql
Transfer ENCRYPT password field to another server
Hi, All,
I am having trouble to transfer email user account which is saved in
MySQL to another server. Here is the detail:
I have an old email server which using MySQL to store user account
information. The password field uses MySQL ENCRYPT function to save the
users password. So if I want change the user's password I can do:
UPDATE `mail`.`users` SET `password` = ENCRYPT( '12345' ) WHERE
CONVERT( `users`.`email` USING utf8 ) = 'g...@veecall.com' LIMIT 1 ;
Then the new password 12345 saved in the table as string of
2I6JOeg.JukJ.
Now I build a new server using iRedMail. When I try to transfer user
account I have trouble to transfer the password field. Because the
iRadMail/dovecot is using MD5-CRAM to encrypt the password then save it
in the MySQL. All the password string is started with $1$.
So, is there a way to make the MySQL encrypted password string
2I6JOeg.JukJ. convert to MD5 hash $1$.?
Thanks for help.
Gao
--
__
_|==|_
('')__/
--(`^^')
(`^'^'`)
`=='
encrypt - password
Hi all, I've got an account table with password encrypted thru the encrypt() function, and I should transfer them to a table with password() function. I don't want to decrypt the password, and I'd like to know if there's a way to build the password hash from the encrypt one. Any suggestion? Thanks, Luca -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
encrypt password
Hi ,
I am working in mysql . with the help of password() function I insert the
data in some table .
for example :-
insert into a values (password('name'));
when I fire select query . It shows me this - 23e6065b74
I wants to decrypt the data again in same format as I insert with Select
query.
please tells me the process .
Thx in advance
Manish Mehta
-
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail [EMAIL PROTECTED]
To unsubscribe, e-mail [EMAIL PROTECTED]
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
RE: encrypt password
http://www.mysql.com/doc/M/i/Miscellaneous_functions.html
Using the PASSWORD function is an irreversible process. Check the above
link.
A work around is you always deal with the encrypted password on the server
side.
E.g. When the user will login you encrypt the submitted password and do a
SELECT with the resulting String.
Regards,
Al
-Original Message-
From: Manish Mehta [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 04, 2002 2:12 PM
To: mysql
Subject: encrypt password
Hi ,
I am working in mysql . with the help of password() function I insert the
data in some table .
for example :-
insert into a values (password('name'));
when I fire select query . It shows me this - 23e6065b74
I wants to decrypt the data again in same format as I insert with Select
query.
please tells me the process .
Thx in advance
Manish Mehta
-
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail [EMAIL PROTECTED]
To unsubscribe, e-mail
[EMAIL PROTECTED]
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
-
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail [EMAIL PROTECTED]
To unsubscribe, e-mail [EMAIL PROTECTED]
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: encrypt password
To examplify this:
When you add your user, do it like you do now:
insert into a values (password('name'));
When the user logs in at a later time, do this:
select * from a where pw = password('name');
If no row is selected, no user with that password was found.
- Carsten
- Original Message -
From: Al Caponi [EMAIL PROTECTED]
To: mysql [EMAIL PROTECTED]
Sent: Monday, March 04, 2002 7:18 AM
Subject: RE: encrypt password
http://www.mysql.com/doc/M/i/Miscellaneous_functions.html
Using the PASSWORD function is an irreversible process. Check the above
link.
A work around is you always deal with the encrypted password on the server
side.
E.g. When the user will login you encrypt the submitted password and do a
SELECT with the resulting String.
Regards,
Al
-Original Message-
From: Manish Mehta [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 04, 2002 2:12 PM
To: mysql
Subject: encrypt password
Hi ,
I am working in mysql . with the help of password() function I insert
the
data in some table .
for example :-
insert into a values (password('name'));
when I fire select query . It shows me this - 23e6065b74
I wants to decrypt the data again in same format as I insert with Select
query.
please tells me the process .
Thx in advance
Manish Mehta
-
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail [EMAIL PROTECTED]
To unsubscribe, e-mail
[EMAIL PROTECTED]
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
-
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail [EMAIL PROTECTED]
To unsubscribe, e-mail
[EMAIL PROTECTED]
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
-
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail [EMAIL PROTECTED]
To unsubscribe, e-mail [EMAIL PROTECTED]
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
