echo_loser Posted January 26, 2012 Share Posted January 26, 2012 The password function in MySQL: PASSWORD(), produces a 41-byte hash value which I store in a password CHAR(41) NOT NULL. I was curious though how long of a string can be converted into that 41-byte hash value? For example, if someone were to enter a 1000 character string, would that still be able to be stored in CHAR(41)? The book I am following limits the password to maxlength=”20” but I did not see my question being answered in the book or on the MySQL website so I am just asking. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted January 26, 2012 Share Posted January 26, 2012 The password function produces a checksum (hash) of the supplied string. The only limit is the maximum length of one query statement which is by default 1M byte. Also, don't use the mysql password function in your application - The PASSWORD() function is used by the authentication system in MySQL Server; you should not use it in your own applications. For that purpose, consider MD5() or SHA1() instead. Also see RFC 2195, section 2 (Challenge-Response Authentication Mechanism (CRAM)), for more information about handling passwords and authentication securely in your applications. Quote Link to comment Share on other sites More sharing options...
fenway Posted January 26, 2012 Share Posted January 26, 2012 Please don't use that ever. Quote Link to comment Share on other sites More sharing options...
echo_loser Posted January 27, 2012 Author Share Posted January 27, 2012 Roger that. I'll use md5() instead. Thanks! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.