Secure passwords with MySQL

It is my understanding that InfinityFree uses MySQL 5.6 and that the PASSWORD() function is deprecated, but there is a way to change it. How would I go about this?

I’m sorry, but what exactly is the issue you would like to fix? I know the PASSWORD() function is deprecated as of MySQL 5.7.5, and is removed with MySQL 8.0. But then what exactly do you need help with here?

It seems as though you can change the PASSWORD() function to get SHA-256 encryption by changing a system variable called “old_passwords”. Where is this system variable and how can I change it?

If it’s large php.ini stuff, You can’t, Just use password_hash()


So where exactly do you see the password function being used?

If you’re building an authentication system for your website, then going with PHP’s password_hash function, also mentioned by @HaydenANG, is highly recommended. The password_hash function creates a hashed and salted bcrypt password, which is a very good standard to use nowadays.

And unlike the PASSWORD() function, it has backward compatibility built in, so you don’t need to worry about future MySQL or PHP upgrades breaking your passwords.


This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.