Proposal to deprecate the old password format_MySQL

Improving security has been a high priority for MySQL 5.7. To give you an idea of some of the changes to date, I recommend reading Todd Farmer's blog:Redefining --ssl option,Password expiration policy,AES256 encryption.

In MySQL 5.7, we are also proposing to deprecate the 'old' format for saving passwords. To provide some historical context:

• The old password format is a16-byte hashand considered to be cryptographically weak. Code appears online (I won't link to it) which allows the hash to be brute-forced in a small-enough amount of time.
• Ten years ago (2004), MySQL 4.1 introduced a stronger password hash format based on SHA1. The old password hash continued to be supported, since client libraries connecting to MySQL needed time to upgrade to support the new authentication scheme. A configuration setting ofsecure-auth=1allowed a DBA to enforce that users could only authenticate using new password hashes, but it was not enabled by default. Another configuration setting (old-passwords=1) allowed passwords to still be generated in the weak format.
• MySQL 5.6 (2013) enabledsecure-auth=1by default, preventing users from connecting to the server using old password hashes. However, it still permits a DBA to configuresecure-auth=0+old-passwords=1allowing weak hashes to be generated and used. As an aside, 5.6 also introduced a new SHA256 password hash option.

This brings us to today's discussion. We would like toproposethat:

• Settingsecure-auth=0+old-passwords=1is officiallydeprecated as of MySQL 5.6. The MySQL manual pages will be updated to discourage against these settings, and warnings will be written to the server error log on startup when they are in use.

• In a future version, support for settingsecure-auth=0+old-passwords=1will be removed. Since our policy is to support each GA release for8 yearsthis means that using old-password hashing will already be supported via MySQL 5.6 until 2021.Extendingsupport beyond this leaves us in a less secure position.

  We are proposing forremoval in MySQL 5.7, but are open to suggestions as to what is an acceptable timeframe.

We value your feedback regarding this proposal:

• Are you currently usingsecure-auth=0orold-passwords=1?
• Do you use a legacy connector that will not support the new (4.1+) authentication?
• If you do not agree with removal in MySQL 5.7, which version would you consider more suitable?

Please leave a comment, orget in touch!