Community Support for OpenDocMan (Deprecated)

Full Version: Usage of MySQL's PASSWORD function in OpenDocMan
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
OpenDocMan uses MySQL's PASSWORD function to hash stored user passwords. This is not considered a secure practice and is explicitly discouraged in the MySQL documentation itself:

Quote:The PASSWORD() function is used by the authentication system in MySQL Server; you should not use it in your own applications. For that purpose, consider MD5() or SHA1() instead.

(emphasis theirs)
Fixed for next release.