Yes, I would strongly suggest updating to a newer password hash function. More: http://stackoverflow.com/questions/7082091/why-is-the-old-mysql-password-function-considered-insecure
On Mon, Apr 9, 2012 at 4:48 PM, Phil Stracchino <ala...@metrocast.net>wrote: > On 04/09/2012 09:48 AM, Domen Kožar wrote: > > Hi, > > > > what version of mysql are you running? It seems you are running a > > version with old password hashes, which changed in mysql 5.0. I'm not > > sure what versions current almir mysql driver supports (have to check), > > but mysql 4.1 is the minimum version that can be supported. > > The default MySQL configuration files shipped with almost every Linux > distribution's MySQL packages, *even for MySQL 5.5*, still enable the > old_passwords setting by default "for backward compatibility". It makes > me want to kick people. The old style MySQL 3 password hashes were > deprecated over ten years ago, because they were insecure THEN, and the > attacks haven't gotten any weaker in the intervening ten years. > > There is really no excuse for it on the part of the packagers. I > suspect they will continue to enable old_passwords by default until > Oracle completely removes old-style password hash support. > > </rant> > > -- > Phil Stracchino, CDK#2 DoD#299792458 ICBM: 43.5607, -71.355 > ala...@caerllewys.net ala...@metrocast.net p...@co.ordinate.org > Renaissance Man, Unix ronin, Perl hacker, SQL wrangler, Free Stater > It's not the years, it's the mileage. > > > ------------------------------------------------------------------------------ > For Developers, A Lot Can Happen In A Second. > Boundary is the first to Know...and Tell You. > Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! > http://p.sf.net/sfu/Boundary-d2dvs2 > _______________________________________________ > Bacula-users mailing list > Bacula-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bacula-users >
------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
