Why is my database password encrypted with MySQL OLD_PASSWORD()?
Applies to: Grid System
MySQL 4.1 came out in 2004 and introduced a more secure password hashing scheme. This new method is not compatible for applications that use, for example, PHP4. We have kept using MySQL OLD_PASSWORD() since 2004 to keep customers' old applications working properly.
PHP 5.3, available in our Debian 6 environment, uses a new driver, called mysqlnd, to communicate with MySQL. Mysqlnd does not work with passwords encrypted with OLD_PASSWORD(). So, we must begin transitioning to the new, better PASSWORD().
The transition plan varies depending on you situation:
- Customers on Debian 6: Do nothing; you are already using the newest password hashing, and it is fully compatible with PHP 5.3
- Customers on Debian 5: Submit a new database password. It will be stored more securely and your applications will continue to work. You can submit your current password for re-encryption if it meets our minimum password strength requirements.
- Customers on Redhat 7: Either...
- ...submit a new password, and be prepared to upgrade to a Debian environment immediately after updating your password. ( Recommended )
- ...or keep your current database password. You will be unable to add new databases in this state. If you absolutely must change your password or add a database, contact support for a special exception.
3268/0%Last update: 2011-04-05 15:55
Author: Thomas Connell
You can comment this FAQ