Home/ Questions/Q 6354057
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T22:30:54+00:00

We migrated our databases to a new server, which unfortunately had a default setting

  • 0

We migrated our databases to a new server, which unfortunately had a default setting of old_passwords=1.

Because we use PASSWORD() from PHP for some functionality, the newer passwords for those applications, and ofcourse the newly created mysql root and other users all have old style passwords.

I would like to move back to new style passwords in order for the user accounts from before the migration to work again, but I also would like the newly created users to be able to log in still.

Reading http://dev.mysql.com/doc/refman/5.0/en/password-hashing.html it seems that >4.1 servers will handle both old and new style passwords, but I would like to have some confirmation that I am reading that information correctly before I remove that line from my my.cnf, restart the server and end up in a lot of trouble

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    From what I have read it is pretty clear:

    4.1 and later clients can authenticate using accounts that have short or long hashes.

    But just make sure all your clients are also 4.1 or later. Otherwise if a pre-4.1 user changes their password, they will be locked out.

    Without the –old-passwords option, the following undesirable scenario
    is possible:

    • An old client connects to an account that has a short password hash.

    • The client changes its own password. Without –old-passwords, this
      results in the account having a long password hash.

    • The next time the old client attempts to connect to the account, it
      cannot, because the account has a long password hash that requires the
      new hashing mechanism during authentication. (Once an account has a
      long password hash in the user table, only 4.1 and later clients can
      authenticate for it, because pre-4.1 clients do not understand long
      hashes.)

    • 0