[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Change in the PASSWORD of MySQL

To: admin at arabeyes dot org
Subject: Change in the PASSWORD of MySQL
From: Mohammed Adn�ne Trojette <adn at diwi dot org>
Date: Tue, 24 Apr 2007 00:13:15 +0200
User-agent: Mutt/1.5.14+cvs20070403 (2007-04-02)

Hi everyone,

during the upgrade of Sina to Etch, we moved to a newer version of MySQL.

Unfortunately, its PASSWORD() fonction has changed and now takes 41
bytes instead of 16.

Consequently (as our field was only 20 bytes long) all the regenerated
or newly created passwords are truncated.
  ==> no one is able to login
       + the old ones can't because OLD_PASSWORD( $pass ) != PASSWORD( $pass )
       + the new ones can't because PASSWORD( $pass ) != TRUNCATED( PASSWORD( $pass ) )

That's why I have just done the following:

ALTER TABLE user MODIFY pass varchar(50) NOT NULL;

But now, we have to call all the users and ask them to change their
passwords... :(

The only advantage is that now, passwords have a longer hash. But well,
as we are doing HTTP and not HTTPS, I don't know whether it really makes
a difference (we really should move wiki.a.o and www.a.o to HTTPS).

Deeply sorry for the inconvenience,
-- 
Mohammed Adn�ne Trojette

Prev by Date: Re: Arabeyes.org upgrades
Next by Date: jobs applicant
Previous by thread: Re: Arabeyes.org upgrades
Next by thread: jobs applicant
Index(es):
- Date
- Thread