Documentation Home
MySQL Internals Manual


MySQL Internals Manual  /  ...  /  Old Password Authentication

14.3.2 Old Password Authentication

Authentication::Old:
  • auth_method_name is mysql_old_password

  • client-side requires "8-byte random challenge" from server

  • client-side sends a 8-byte response based on the algorithm described later

Note

If the server announces Secure Password Authentication in the Initial Handshake Packet the client may use the first 8 byte of its 20-byte auth_plugin_data as input.

Warning

The hashing algorithm used for this auth method is broken as shown at http://sqlhack.com/ and CVE-2000-0981


User Comments
User comments in this section are, as the name implies, provided by MySQL users. The MySQL documentation team is not responsible for, nor do they endorse, any of the information provided here.
Sign Up Login You must be logged in to post a comment.