Comments - PHP(wordpress) + auth_ed25519
Content reproduced on this site is the property of its respective owners,
and this content is not reviewed in advance by MariaDB. The views, information and opinions
expressed by this content do not necessarily represent those of MariaDB or any other party.
You are correct. It's a pity that PHP doesn't support auth_ed25519, and hopefully this will be fixed in future.
I agree I hope PHP does sooner rather than later, but at this point, the PHP page basically should really call out that it is insecure to use MariaDB with PHP, try and push PHP to add-in ed25519 support, or add in SHA2 support to MariaDB. Or really, all 3.
It's misleading to state that MariaDB "generally works well" with PHP when there is this unmentioned-glaring security hole there when using them together. And unfortunately, I'm sure a lot of people won't recognize it and just use the mysql_native_password method thinking it's still okay.