MySQL에서 사용하는 패스워드로 사용할 수 있는 함수를 버전별로 테스트한 결과입니다.
프로그램을 시작할때 참고를 해서 테스트를 해보시면 좋습니다.
비밀번호를 md5()를 한 다음에 sha1()을 처리하고, 나머지 데이타는 encode() 혹은 des_encrypt()를 내부 암호키를 이용해서 저장하고 관리하는 방법을 사용하면 효과적입니다.
[smlee@A ~]$ mysql -p -u root
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 644167
Server version: 5.0.77 Source distribution
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> select password('dltjrans');
+----------------------+
| password('dltjrans') |
+----------------------+
| 337c52a05f635196 |
+----------------------+
1 row in set (0.03 sec)
mysql> select sha1('dltjrans');
+------------------------------------------+
| sha1('dltjrans') |
+------------------------------------------+
| 2734580af3645aae53a80ce3a60841636e4f5f16 |
+------------------------------------------+
1 row in set (0.02 sec)
mysql> select sha2('dltjrans');
ERROR 1305 (42000): FUNCTION sha2 does not exist
mysql> select encrypt('dltjrans');
+---------------------+
| encrypt('dltjrans') |
+---------------------+
| iBlePNVyWUPF2 |
+---------------------+
1 row in set (0.00 sec)
mysql> select md5('dltjrans');
+----------------------------------+
| md5('dltjrans') |
+----------------------------------+
| 44022b75cd0626a239a1c0ec42e0b902 |
+----------------------------------+
1 row in set (0.00 sec)
mysql> select old_password('dltjrans');
+--------------------------+
| old_password('dltjrans') |
+--------------------------+
| 337c52a05f635196 |
+--------------------------+
1 row in set (0.00 sec)
mysql> show variables;
+---------------------------------+------------------------------------------------------------+
| Variable_name | Value |
+---------------------------------+------------------------------------------------------------+
......
| old_passwords | ON |
......
+---------------------------------+------------------------------------------------------------+
239 rows in set (0.01 sec)
[smlee@B ~]$ /usr/local/mysql/bin/mysql --character-sets-dir=utf8 -p -u root
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 326943
Server version: 5.1.58-log Source distribution
Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL v2 license
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> select password('dltjrans');
+-------------------------------------------+
| password('dltjrans') |
+-------------------------------------------+
| *8FE4DE9DB3E99B3D33C46101724499112B4E08C0 |
+-------------------------------------------+
1 row in set (0.00 sec)
mysql> select sha('dltjrans');
+------------------------------------------+
| sha('dltjrans') |
+------------------------------------------+
| 2734580af3645aae53a80ce3a60841636e4f5f16 |
+------------------------------------------+
1 row in set (0.00 sec)
mysql> select sha1('dltjrans');
+------------------------------------------+
| sha1('dltjrans') |
+------------------------------------------+
| 2734580af3645aae53a80ce3a60841636e4f5f16 |
+------------------------------------------+
1 row in set (0.00 sec)
mysql> select encrypt('dltjrans');
+---------------------+
| encrypt('dltjrans') |
+---------------------+
| dZew2kBw.Cajg |
+---------------------+
1 row in set (0.00 sec)
mysql> select old_password('dltjrans');
+--------------------------+
| old_password('dltjrans') |
+--------------------------+
| 337c52a05f635196 |
+--------------------------+
1 row in set (0.00 sec)
[smlee@C ~]$ mysql -p -u root
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 33751
Server version: 5.5.21 MySQL Community Server (GPL)
Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> select password('dltjrans');
+-------------------------------------------+
| password('dltjrans') |
+-------------------------------------------+
| *8FE4DE9DB3E99B3D33C46101724499112B4E08C0 |
+-------------------------------------------+
1 row in set (0.00 sec)
mysql> select sha('dltjrans');
+------------------------------------------+
| sha('dltjrans') |
+------------------------------------------+
| 2734580af3645aae53a80ce3a60841636e4f5f16 |
+------------------------------------------+
1 row in set (0.03 sec)
mysql> select sha1('dltjrans');
+------------------------------------------+
| sha1('dltjrans') |
+------------------------------------------+
| 2734580af3645aae53a80ce3a60841636e4f5f16 |
+------------------------------------------+
1 row in set (0.00 sec)
mysql> select encrypt('dltjrans');
+---------------------+
| encrypt('dltjrans') |
+---------------------+
| yb/DPswDxmSnk |
+---------------------+
1 row in set (0.00 sec)
mysql> select old_password('dltjrans');
+--------------------------+
| old_password('dltjrans') |
+--------------------------+
| 337c52a05f635196 |
+--------------------------+
1 row in set (0.00 sec)
mysql>