Assume that client wants to log in as user U and that user account uses authentication method M. If
then there is an authentication method mismatch and the authentication exchange must be restarted using the correct authentication method.
The mismatch can happen even if the client and server used the same authentication method in the initial handshake, but this method was different from the method M required by the user account.
In the 4.1+ server the default authentication method is always Secure Password Authentication. For the mysql client this is configurable with the --default-auth option. Note, however, that as long as the server uses Secure Password Authentication as its default method, there is no point in changing the client's default authentication method to anything else. Doing so will always lead to a method mismatch and a subsequent authentication method switch request from the server.
A sensible thing for a client to do would be to read the server's default authentication method announced in the Initial Handshake Packet and try to use the same method for generating the Handshake Response Packet. However, this behavior is not yet implemented in the current mysql client library.
If an authentication method mismatch happens, the server sends a
Method Switch Request Packet which contains the
name of the authentication method to be used and the first
authentication payload generated by the new method. The client
should switch to the requested authentication method and
continue the exchange as dictated by that method. If the client does not
know the requested method, it should disconnect.
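
The client-side handling described above, as an added Python example that is not part of the original page or of the MySQL client library: it parses a method switch request, answers with the requested method if it is known, and signals a disconnect otherwise. The wire layout (0xFE status byte, NUL-terminated method name, then the payload) and the plugin name `mysql_native_password` for Secure Password Authentication are taken from the MySQL protocol documentation rather than from this page; the function names and the sample packet are constructed for illustration.

```python
import hashlib
import hmac

class UnknownAuthMethod(Exception):
    """Server asked for a method this client does not implement: disconnect."""

def native_password_reply(password: bytes, payload: bytes) -> bytes:
    # Secure Password Authentication (plugin name mysql_native_password):
    # reply = SHA1(pw) XOR SHA1(nonce + SHA1(SHA1(pw))), nonce = first 20 bytes.
    if not password:
        return b""
    nonce = payload[:20]
    h1 = hashlib.sha1(password).digest()
    mask = hashlib.sha1(nonce + hashlib.sha1(h1).digest()).digest()
    return bytes(a ^ b for a, b in zip(h1, mask))

# Explicit table of methods the client knows; the server cannot steer the
# client into anything that is not listed here.
KNOWN_METHODS = {"mysql_native_password": native_password_reply}

def parse_switch_request(packet: bytes):
    # Layout: 0xFE, NUL-terminated method name, then the first auth payload.
    if not packet or packet[0] != 0xFE:
        raise ValueError("not a method switch request")
    name, sep, payload = packet[1:].partition(b"\x00")
    if not sep or not name:
        raise ValueError("missing or unterminated method name")
    return name.decode("ascii", errors="replace"), payload

def handle_switch(packet: bytes, password: bytes):
    name, payload = parse_switch_request(packet)
    handler = KNOWN_METHODS.get(name)
    if handler is None:
        raise UnknownAuthMethod(name)  # caller closes the connection
    return name, handler(password, payload)

def server_accepts(reply: bytes, nonce: bytes, stored: bytes) -> bool:
    # Server side: stored = SHA1(SHA1(pw)); recover SHA1(pw) and re-hash it.
    mask = hashlib.sha1(nonce + stored).digest()
    h1 = bytes(a ^ b for a, b in zip(reply, mask))
    return len(reply) == 20 and hmac.compare_digest(hashlib.sha1(h1).digest(), stored)

# Constructed sample data (not a capture from a real server).
NONCE = bytes(range(1, 21))
PACKET = b"\xfe" + b"mysql_native_password\x00" + NONCE + b"\x00"

if __name__ == "__main__":
    method, reply = handle_switch(PACKET, b"s3cret")
    print(method, reply.hex())
```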