MySQL Password Function – OLD_PASSWORD() and PASSWORD()

by Carey on October 21, 2010

Post image for MySQL Password Function – OLD_PASSWORD() and PASSWORD()
  • Share
  • CevherShare
  • Share

The PASSWORD() function in MySQL can be used to generate a hash value for encrypted passwords, similar to using md5() in PHP. It is generally not recommended to use this function in an application as it is not particularly secure – it is intended for internal use.

If however your application uses the MySQL PASSWORD() function, you need to be aware that prior to MySQL 4.1 the function returns a 16 byte hash and in MySQL 4.1 and later the hash is 41 bytes. This means that a change of hosting or database upgrade will most likely result in your application breaking.

Fortunately, the function OLD_PASSWORD() is available in MySQL 4.1 and later to replicate the original PASSWORD() function. If you need a temporary solution, use OLD_PASSWORD() but make sure you update your code to be more secure as soon as you can.

Leave a Comment

Previous post:

Next post: