[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Change in the PASSWORD of MySQL

Hi everyone,

during the upgrade of Sina to Etch, we moved to a newer version of MySQL.

Unfortunately, its PASSWORD() fonction has changed and now takes 41
bytes instead of 16.

Consequently (as our field was only 20 bytes long) all the regenerated
or newly created passwords are truncated.
  ==> no one is able to login
       + the old ones can't because OLD_PASSWORD( $pass ) != PASSWORD( $pass )
       + the new ones can't because PASSWORD( $pass ) != TRUNCATED( PASSWORD( $pass ) )

That's why I have just done the following:

ALTER TABLE user MODIFY pass varchar(50) NOT NULL;

But now, we have to call all the users and ask them to change their
passwords... :(

The only advantage is that now, passwords have a longer hash. But well,
as we are doing HTTP and not HTTPS, I don't know whether it really makes
a difference (we really should move wiki.a.o and www.a.o to HTTPS).

Deeply sorry for the inconvenience,
Mohammed Adnčne Trojette