
old_passwords

Julien Schmidt edited this page Oct 17, 2013 · 10 revisions

What is old_passwords?

MySQL version 4.1 (published in 2004!) brought a protocol change that introduced more secure password authentication. The variable old_passwords was added, which enables legacy support for the old password authentication but disables the new, more secure one. The old password authentication uses a very weak hash, which is why it is considered insecure. Do not use it unless you need legacy support!

Because it is insecure and deprecated, Go-MySQL-Driver did not support this old password authentication system until version 1.1. Starting with Go-MySQL-Driver version 1.1, you can use the old authentication system explicitly by adding allowOldPasswords=1 to your DSN.

How do I disable it?

Set old_passwords to false in your my.cnf (my.ini on Windows), MySQL's configuration file. On Linux you will find this file at /etc/my.cnf.

The old_passwords variable belongs in the mysqld section. If you can't find it there, just add it:

[mysqld]
old_passwords = 0

You may also need to regenerate your passwords. See http://code.openark.org/blog/mysql/upgrading-passwords-from-old_passwords-to-new-passwords for a full manual on how to upgrade.
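
To find which accounts still need their passwords regenerated, the stored hashes can be classified by shape: a pre-4.1 hash is 16 hex characters, while a 4.1+ hash is `*` followed by 40 hex characters. The following Go sketch is an added example, not part of Go-MySQL-Driver; the `Account` type and function names are hypothetical, and the sample rows are constructed stand-ins for (User, Host, Password) values read from the mysql.user table.

```go
package main

import (
	"fmt"
	"strings"
)

// Account is one (user, host, stored hash) row; hypothetical type for this example.
type Account struct{ User, Host, Hash string }

// isHex reports whether s is non-empty and consists only of hex digits.
func isHex(s string) bool {
	return s != "" && strings.Trim(s, "0123456789abcdefABCDEF") == ""
}

// HashFormat classifies a stored password hash by its shape alone.
func HashFormat(h string) string {
	switch {
	case h == "":
		return "empty"
	case len(h) == 16 && isHex(h):
		return "pre-4.1" // format produced while old_passwords is enabled
	case len(h) == 41 && h[0] == '*' && isHex(h[1:]):
		return "4.1"
	}
	return "unknown"
}

// NeedsRegeneration returns the accounts that still hold a pre-4.1 hash.
func NeedsRegeneration(accts []Account) []Account {
	var out []Account
	for _, a := range accts {
		if HashFormat(a.Hash) == "pre-4.1" {
			out = append(out, a)
		}
	}
	return out
}

func main() {
	// Constructed sample rows, not real credentials.
	rows := []Account{
		{"app", "%", "0123456789abcdef"},
		{"root", "localhost", "*0123456789ABCDEF0123456789ABCDEF01234567"},
		{"guest", "%", ""},
	}
	for _, a := range NeedsRegeneration(rows) {
		fmt.Printf("%s@%s still has a pre-4.1 hash\n", a.User, a.Host)
	}
}
```

Accounts it reports must have their password set again after old_passwords is disabled; changing the server variable alone does not convert existing hashes.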