The post title may sound complicated, but it actually deals with a very simple problem and an even easier solution.

MySQL pre4.1 password hashes?

Back in the day, Mysql used a simple hashing method for passwords. We can replicate it today by specifying that we want to use the “old_passwords” format:

# mysql -e "set @@session.old_passwords=1; select Password('mycomplexpass');"
+---------------------------+
| Password('mycomplexpass') |
+---------------------------+
| 6e8623f36140a64c |
+---------------------------+

Today’s Password Hashes are far more complex and offer significantly more security against hackers:

# mysql -e "select Password('mycomplexpass')"
+-------------------------------------------+
| Password('mycomplexpass') |
+-------------------------------------------+
| *56ADA1CE6FCAE5EC592761396017D33E2B29AC55 |
+-------------------------------------------+

MySQL 5.6 Compatibility

Users with old sites, or servers that had “old_passwords” enabled in MySQL still used the old style of Password Hash. The more complex hashing process was the default method after MySQL version 4.1, but it was not until MySQL 5.6 that there was a strict requirement to use the newer hash type. Because of this strictly enforced requirement, it is now mandatory to use the new style of password hash and rightly so given the insecurity of the old style.

Nipon Computer LLC has updated most of the hashes already

In an effort to assist our clients, we have gone through all of our shared servers and programmatically updated the hashes for any password we could find in a configuration file. If you have a WordPress site, any other CMS, or even hand coded site, it is very likely that we were able to find a working password and automatically generate the new style hash for that Mysql User. However, there may still be some users that we were unable to automatically fix. The users whose password hashes still need to be updated are listed in the location specified in the email we sent out regarding this upcoming compatibility requirement.

Updating your MySQL pre4.1 password hashes to be MySQL 5.6 compatible

Now for the fun part, actually updating your old style password hash to instead use the modern style. There is only one step:

Reset your password.

That’s it! By setting a new password (or just re-using the old one again), modern servers will use generate a password hash using the new style and that MySQL user will now be 5.6 compatible.

To reset your password, first log into cPanel. There are two places to reset a MySQL user password:

1) The cPanel user itself: cPanel users have an associated MySQL user. To update the password hash for this account, simply reset your password with the “Change Password” function. First set your password to something else, then change it back. This will effectively reset the cPanel MySQL user and use the new style of hash.

2) Your MySQL users: Navigate to the “MySQL databases” function. For each MySQL user that needs to be updated, click “Set Password” and update the password. This will use the new style hash and that user will be MySQL 5.6 compatible!

If you run into any trouble with this process, please contact us: http://niponcomputer.com/en/contactus.php