Bug #4300 MySqlAdministrator munches passwords ?
Submitted: 27 Jun 2004 2:50 Modified: 29 Jun 2004 19:20
Reporter: Richard W. Schlatter Email Updates:
Status: Not a Bug Impact on me:
Category:MySQL Administrator Severity:S2 (Serious)
Version:1.0.5beta OS:Windows (WinXP/Pro)
Assigned to: Michael G. Zinner CPU Architecture:Any

[27 Jun 2004 2:50] Richard W. Schlatter
(1) I installed MySQL v4.0.20c on WinXP/Pro (current with fixes). I then used the WinSQL command line utility to define a couple of users and associated passwords. Next I installed the MySqlAdministrator 1.0.5beta GUI-Tool (I like it!) and modified some passwords and added another user.

(2) Returning to the MySQL command line utility, it won't let me login, eg the database system doesn't seem to recognize my passwords anymore. 

(3) Killed the database process and restarted with my.ini option skip-grant-tables=1 to recover access.


I am a newbie to MySQL database environment (although not to IT), my search of bug reports didn't turn up anything similiar, but I may have missed some point in the documentation. 

I did see that MySqlAdministrator should be ok for MySQL v4.0ff but I also did see the announcement of extensions to the password size in coming versions of the DB software. 

I have the hunch that this beta version gets in trouble with the size and/or encryption. I tried to force option 'old-passwords' in the [MySQLAdministrator] section of my.ini, but this didn't help.

How to repeat:
go thru steps (1), (2) and (3) of description.

Suggested fix:
[29 Jun 2004 19:20] Michael G. Zinner
Thanks for reporting. I was able to reproduce it and it took a while till I figured out what is going on myself.

Please check http://dev.mysql.com/doc/mysql/en/Connection_access.html

What happens in the server is, that the anoymous@localhost matches first, before e.g. mike@%. So regardless if you specify a user with 
mysql -umike 
anoymous@localhost will be choosen.

The best solution to this is, to remove the anoymous account if you do not need it.