This plugin provides backward compatibility for pre-4.1 clients using an older, insecure password hashing algorithm and should not be used for new installations.
The mysql_old_password authentication plugin is the default authentication plugin that is used for an account created when no authentication plugin is explicitly mentioned and old_passwords=1 is set. It uses the pre-MySQL 4.1 password hashing algorithm, which is also used by the OLD_PASSWORD() function and by the PASSWORD() function when old_passwords=1 is set.
It is not recommended to use the mysql_old_password authentication plugin for new installations. The password hashing algorithm is no longer secure, and the plugin is primarily provided for backward compatibility. The ed25519 authentication plugin is a more modern authentication plugin that provides simple password authentication.
The mysql_old_password authentication plugin is statically linked into the server, so no installation is necessary.
The easiest way to create a user account with the mysql_old_password authentication plugin is to make sure that is set, and create a user account via that does not specify an authentication plugin, but instead specifies a password via the clause:
If does not have NO_AUTO_CREATE_USER set, then you can also create the user via :
You can also create the user account by providing a password hash via the clause, and MariaDB validates whether the password hash is one that is compatible with mysql_old_password:
Similar to all other , you could also specify the name of the plugin in the IDENTIFIED VIA clause, while providing the password hash as the USING clause:
You can change a user account's password with the statement, while providing the plain-text password as an argument to the function:
You can also change the user account's password with the statement. You have to make sure that is set, and you have to specify a password via the clause:
For clients that use the libmysqlclient or libraries, MariaDB provides one client authentication plugin that is compatible with the mysql_old_password authentication plugin:
mysql_old_password
When connecting with a to a server as a user account that authenticates with the mysql_old_password authentication plugin. You may need to tell the client where to find the relevant client authentication plugin by specifying the --plugin-dir option:
However, the mysql_old_password client authentication plugin is generally statically linked into client libraries like libmysqlclient or , so this is not usually necessary.
mysql_old_passwordThe mysql_old_password client authentication plugin hashes the password before sending it to the server.
The mysql_old_password authentication plugin is one of the conventional authentication plugins, so all client libraries should support it.
This page is licensed: CC BY-SA / Gnu FDL
SET old_passwords=1;
CREATE USER username@hostname IDENTIFIED BY 'mariadb';SET old_passwords=1;
GRANT SELECT ON db.* TO username@hostname IDENTIFIED BY 'mariadb';SET old_passwords=1;
Query OK, 0 rows affected (0.000 sec)
SELECT PASSWORD('mariadb');
+---------------------+
| PASSWORD('mariadb') |
+---------------------+
| 021bec665bf663f1 |
+---------------------+
1 row in set (0.000 sec)
CREATE USER username@hostname IDENTIFIED BY PASSWORD '021bec665bf663f1';
Query OK, 0 rows affected (0.000 sec)CREATE USER username@hostname IDENTIFIED VIA mysql_old_password USING '021bec665bf663f1';
Query OK, 0 rows affected (0.000 sec)SET PASSWORD = PASSWORD('new_secret')SET old_passwords=1;
ALTER USER username@hostname IDENTIFIED BY 'new_secret';mysql --plugin-dir=/usr/local/mysql/lib64/mysql/plugin --user=alice