在 MySQL SERVER 8.0 中,密码功能不起作用
In MySQL SERVER 8.0 the PASSWORD function not working
在 MySQL 服务器版本 8.0.12
中执行 PASSWORD 函数时出错
我有以下查询:
SELECT *
FROM users
WHERE login = 'FABIO'
AND pwd = PASSWORD('2018')
LIMIT 0, 50000
我收到这个错误:
Error Code: 1064. You have an error in your SQL syntax; check the
manual that corresponds to your MySQL server version for the right
syntax to use near
OP 的 MySQL 服务器版本是 8.0.12。来自 MySQL Documentation, PASSWORD 的函数已被弃用 版本 > 5.7.5:
Note
The information in this section applies fully only before MySQL 5.7.5,
and only for accounts that use the mysql_native_password or
mysql_old_password authentication plugins. Support for pre-4.1
password hashes was removed in MySQL 5.7.5. This includes removal of
the mysql_old_password authentication plugin and the OLD_PASSWORD()
function. Also, secure_auth cannot be disabled, and old_passwords
cannot be set to 1.
As of MySQL 5.7.5, only the information about 4.1 password hashes and
the mysql_native_password authentication plugin remains relevant.
您可以使用 here. More details from the MySQL server team can be seen here.
中更好、更安全的加密函数,而不是 PASSWORD 函数
如果您需要替换哈希来匹配 password() 函数,请使用:SHA1(UNHEX(SHA1()));
例如
mysql> SELECT PASSWORD('mypass');
+-------------------------------------------+
| PASSWORD('mypass') |
+-------------------------------------------+
| *6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4 |
+-------------------------------------------+
以及在版本 8 中给出相同答案的替换:
mysql> SELECT CONCAT('*', UPPER(SHA1(UNHEX(SHA1('mypass')))));
+-------------------------------------------------+
| CONCAT('*', UPPER(SHA1(UNHEX(SHA1('mypass'))))) |
+-------------------------------------------------+
| *6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4 |
+-------------------------------------------------+
使用 MySQL 8.0.22,我必须执行以下操作:
更新/etc/mysql/my.cnf 并添加行:
[mysqld]
skip-grant-tables
重启mysql和运行一些查询:
> systemctl restart mysql
> sudo mysql
mysql> UPDATE mysql.user SET authentication_string=null WHERE User='root';
FLUSH PRIVILEGES;
mysql> exit;
重新登录并更新密码:
> mysql -u root
mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH caching_sha2_password BY 'my password';
mysql> FLUSH PRIVILEGES;
更新/etc/mysql/my.cnf并删除行skip-grant-tables
> systemctl restart mysql
最后,测试
> mysql -u root -p
您可以创建另一个类似于 PASSWORD 的函数
SET GLOBAL log_bin_trust_function_creators = 1;
delimiter $$
CREATE FUNCTION PASSWORD2 (pass_in varchar(50)) RETURNS varchar(50)
BEGIN
declare n_pass varchar(50);
set n_pass = CONCAT('*', UPPER(SHA1(UNHEX(SHA1(pass_in)))));
return n_pass;
END$$
然后
SELECT PASSWORD2("my_super_scret_password") FROM MyUserTable ....
在 MySQL 服务器版本 8.0.12
中执行PASSWORD 函数时出错
我有以下查询:
SELECT *
FROM users
WHERE login = 'FABIO'
AND pwd = PASSWORD('2018')
LIMIT 0, 50000
我收到这个错误:
Error Code: 1064. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near
OP 的 MySQL 服务器版本是 8.0.12。来自 MySQL Documentation, PASSWORD 的函数已被弃用 版本 > 5.7.5:
Note
The information in this section applies fully only before MySQL 5.7.5, and only for accounts that use the mysql_native_password or mysql_old_password authentication plugins. Support for pre-4.1 password hashes was removed in MySQL 5.7.5. This includes removal of the mysql_old_password authentication plugin and the OLD_PASSWORD() function. Also, secure_auth cannot be disabled, and old_passwords cannot be set to 1.
As of MySQL 5.7.5, only the information about 4.1 password hashes and the mysql_native_password authentication plugin remains relevant.
您可以使用 here. More details from the MySQL server team can be seen here.
中更好、更安全的加密函数,而不是PASSWORD 函数
如果您需要替换哈希来匹配 password() 函数,请使用:SHA1(UNHEX(SHA1())); 例如
mysql> SELECT PASSWORD('mypass');
+-------------------------------------------+
| PASSWORD('mypass') |
+-------------------------------------------+
| *6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4 |
+-------------------------------------------+
以及在版本 8 中给出相同答案的替换:
mysql> SELECT CONCAT('*', UPPER(SHA1(UNHEX(SHA1('mypass')))));
+-------------------------------------------------+
| CONCAT('*', UPPER(SHA1(UNHEX(SHA1('mypass'))))) |
+-------------------------------------------------+
| *6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4 |
+-------------------------------------------------+
使用 MySQL 8.0.22,我必须执行以下操作:
更新/etc/mysql/my.cnf 并添加行:
[mysqld] skip-grant-tables重启mysql和运行一些查询:
> systemctl restart mysql > sudo mysql mysql> UPDATE mysql.user SET authentication_string=null WHERE User='root'; FLUSH PRIVILEGES; mysql> exit;重新登录并更新密码:
> mysql -u root mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH caching_sha2_password BY 'my password'; mysql> FLUSH PRIVILEGES;更新/etc/mysql/my.cnf并删除行
skip-grant-tables> systemctl restart mysql最后,测试
> mysql -u root -p
您可以创建另一个类似于 PASSWORD 的函数
SET GLOBAL log_bin_trust_function_creators = 1;
delimiter $$
CREATE FUNCTION PASSWORD2 (pass_in varchar(50)) RETURNS varchar(50)
BEGIN
declare n_pass varchar(50);
set n_pass = CONCAT('*', UPPER(SHA1(UNHEX(SHA1(pass_in)))));
return n_pass;
END$$
然后
SELECT PASSWORD2("my_super_scret_password") FROM MyUserTable ....