Jump to content

Recommended Posts

The password function in MySQL: PASSWORD(), produces a 41-byte hash value which I store in a password    CHAR(41)    NOT NULL. I was curious though how long of a string can be converted into that 41-byte hash value? For example, if someone were to enter a 1000 character string, would that still be able to be stored in CHAR(41)?

 

The book I am following limits the password to maxlength=”20” but I did not see my question being answered in the book or on the MySQL website so I am just asking.

 

Link to comment
https://forums.phpfreaks.com/topic/255805-password-character-length-limits/
Share on other sites

The password function produces a checksum (hash) of the supplied string. The only limit is the maximum length of one query statement which is by default 1M byte.

 

Also, don't use the mysql password function in your application -

 

The PASSWORD() function is used by the authentication system in MySQL Server; you should not use it in your own applications. For that purpose, consider MD5() or SHA1() instead. Also see RFC 2195, section 2 (Challenge-Response Authentication Mechanism (CRAM)), for more information about handling passwords and authentication securely in your applications.

 

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.