Mark Matthews wrote:
[ ... ]
Mike Moran wrote:
I've been looking into what algorithm MySQL 4.1.7 uses for password
hashing/encryption, with a view to ascertaining how secure it is. Does
it conform to any combinations of published Specs e.g. MD5/SHA-1/etc?
[ ... ]
Mike,
MySQL-4.1.7 uses SHA-1. The
Mike,
The newest MySQL uses SHA1 in combo with random generated 20 byte session hash
values. The procedure is irreversible and therefore why it is not possible to
obtain the original password. MySQL is thus very secure and only vulnerable to
a bruteforce attack. You can partially secure you
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mike Moran wrote:
> I've been looking into what algorithm MySQL 4.1.7 uses for password
> hashing/encryption, with a view to ascertaining how secure it is. Does
> it conform to any combinations of published Specs e.g. MD5/SHA-1/etc?
>
> I had a look
