[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Change in the PASSWORD of MySQL
- To: admin at arabeyes dot org
- Subject: Change in the PASSWORD of MySQL
- From: Mohammed Adnčne Trojette <adn at diwi dot org>
- Date: Tue, 24 Apr 2007 00:13:15 +0200
- User-agent: Mutt/1.5.14+cvs20070403 (2007-04-02)
during the upgrade of Sina to Etch, we moved to a newer version of MySQL.
Unfortunately, its PASSWORD() fonction has changed and now takes 41
bytes instead of 16.
Consequently (as our field was only 20 bytes long) all the regenerated
or newly created passwords are truncated.
==> no one is able to login
+ the old ones can't because OLD_PASSWORD( $pass ) != PASSWORD( $pass )
+ the new ones can't because PASSWORD( $pass ) != TRUNCATED( PASSWORD( $pass ) )
That's why I have just done the following:
ALTER TABLE user MODIFY pass varchar(50) NOT NULL;
But now, we have to call all the users and ask them to change their
The only advantage is that now, passwords have a longer hash. But well,
as we are doing HTTP and not HTTPS, I don't know whether it really makes
a difference (we really should move wiki.a.o and www.a.o to HTTPS).
Deeply sorry for the inconvenience,
Mohammed Adnčne Trojette