Pre-Mysql 4.1 Passwords - Thoughts on upgrading Mysql 5.6 - Knowledgebase

Portal Home > Knowledgebase > Articles Database > Pre-Mysql 4.1 Passwords - Thoughts on upgrading Mysql 5.6

Pre-Mysql 4.1 Passwords - Thoughts on upgrading Mysql 5.6

Posted by mellow-h, 04-06-2015, 11:10 PM
It looks like Mysql 5.6 has completely stopped supporting 16 characters hashed password from pre-mysql 4.1. How do you plan to do the upgrade for servers that are possibly running with pretty long term users? Is there any trick available you know to upgrade passwords transparently?
Posted by PlatinumVPS, 04-07-2015, 02:43 AM
Yes, MySQL 5.6 password enryption algorithm is totally changed and it does not support MySQL Pre-style password encryption. -> You can fetch the list of files of cPanel user accounts in which client has used MySQL connection. You can grep for connection files using its cPanel username. It can be easily done through a script because each MySQL database and its user contains the cPanel username prefix. -> Once you have a list of files, check the password from that file and reset the same after MySQL upgrade. -> After MySQL upgrade when you reset the password it will be encrypted with new encryption algorithm. -> It is also required to reset cPanel user's password so it will sync default MySQL user's password.
Posted by Wes0805, 04-07-2015, 02:54 AM
I was fortunately able to catch this one when I upgraded my cPanel server from 5.5 to 5.6. AFAIK, you can check which passwords are not encrypted according to the standards of 5.6. The difficult part on this one is how to contact your clients to change their database passwords, and update their script configuration files. The best upgrade, in my opinion, is MariaDB If this is a cPanel server, you have to upgrade incrementally > 5.5 > 5.6 > MariabDB 10.
Posted by mellow-h, 04-07-2015, 03:13 AM
Does cpanel store the passwords in a file? Mysql has them hashed, not in plain text. Indeed. Until there is a way to get the plaintext passwords, I don't see any other way then taking the stress of communicating with the clients to do the updates.
Posted by PlatinumVPS, 04-07-2015, 03:29 AM
Does cpanel store the passwords in a file? Mysql has them hashed, not in plain text. >> Your client has used database name, database username and password in some connection files like "wp-config.php". You can check which password client has set for the database user and then reset the same password after MySQL upgrade. Through a "grep" command, you can get the list of file name where client has used value. A file under cPanel user's account should not contain encrypted password. It should be in plain text.
Posted by Kailash12, 04-13-2015, 07:40 AM
There is no real solution except update MySQL database users' passwords which are using old style password. During upgrade, it will set random passwords for those users which are using mysql old style password.