Bug #20738 | Forge passwords should allow 20 characters, same as mysql.com | ||
---|---|---|---|
Submitted: | 27 Jun 2006 21:50 | Modified: | 28 Jun 2006 6:06 |
Reporter: | Jay Pipes | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Websites: MySQLForge | Severity: | S3 (Non-critical) |
Version: | OS: | ||
Assigned to: | Jay Pipes | CPU Architecture: | Any |
[27 Jun 2006 21:50]
Jay Pipes
[27 Jun 2006 23:02]
Jim Winstead
You're using the PASSWORD() function? Read this bit in the manual: Note: The PASSWORD() function is used by the authentication system in MySQL Server; you should not use it in your own applications. For that purpose, consider MD5() or SHA1() instead. Also see RFC 2195 for more information about handling passwords and authentication securely in your applications.
[27 Jun 2006 23:33]
Jay Pipes
Hmmm, good to know, Jim. Too bad I missed it; been using it for years, and old habits apparently die hard :( So, this poses an interesting problem for the already existing Forge accounts...I'll have to think on a fix for this.
[28 Jun 2006 6:06]
Jay Pipes
OK, there is now full single signon with the main mysql.com authentication system (not including the forge wiki, which is a separate task). No more PASSWORD().