Re: Password Encryption to replicate MySQL PASSWORD function

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Luke Woollard wrote:
In mysql I have used the 'PASSWORD('someString')' function to encrypt each
users password. When authenticating a user for system use, I use the same
function to compare encrypted password.


From the MySQL manual:
"The PASSWORD() function is used by the authentication system in MySQL Server, you should *not* use it in your own applications. For that purpose, use MD5() or SHA1() instead." (emphasis added)

FWIW, the algorithm used in PASSWORD() must be pretty weak, as it appears to only create an 8-byte (16 hex chars) hash. MD5() (16 bytes/32 hex chars) and SHA1() (20 bytes/40 hex chars) are available in contrib/pgcrypto. Alternatively you could use the PHP functions by the same names.

HTH,

Joe



[Index of Archives]     [Postgresql General]     [Postgresql Admin]     [PHP Users]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Databases]     [Yosemite Backpacking]     [Postgresql Jobs]

  Powered by Linux