When MySQL servers go weird

The MySQL PASSWORD() function has started giving a different value on a client’s live server compared to local development servers.

This has resulted in end users not being able to log in when PASSWORD() is used to compare the stored and entered passwords.

Why this has happened I have no idea. Any thoughts?

dev
mysql> SELECT PASSWORD('foobar');
+-------------------------------------------+
| PASSWORD('foobar')                        |
+-------------------------------------------+
| *9B500343BC52E2911172EB52AE5CF4847604C6E5 |
+-------------------------------------------+
1 row in set (0.00 sec)

live
mysql> select password('foobar');
+-------------------------------------------+
| password('foobar')                        |
+-------------------------------------------+
| *9061D7B8DA0D4523AD448B53D80C2B551EDF8CD1 |
+-------------------------------------------+
1 row in set (0.00 sec)

2 thoughts on “When MySQL servers go weird”

  1. Hmm, I’m not sure what would cause password() to suddenly return different results, but the MySQL documentation for password() does state:

    The PASSWORD() function is used by the authentication system in MySQL Server; you should not use it in your own applications. For that purpose, consider MD5() or SHA1() instead

    Are the versions of MySQL in use on the dev and live environments exactly identical?

    Reply

  2. Indeed, all of my research pointed at not using PASSWORD() for storing passwords.
    I think this will be addressed in the next development cycle for the client.

    (just like to point out that I’m supporting an existing system…)

    Out of interest, restarting mysqld made no difference.
    But restarting the whole machine fixed it.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.