+- Community Support for OpenDocMan (Deprecated) (https://forum.opendocman.com)
+-- Forum: OpenDocMan Community Discussion (https://forum.opendocman.com/forum-5.html)
+--- Forum: OpenDocMan Feature Requests (https://forum.opendocman.com/forum-7.html)
+--- Thread: Usage of MySQL's PASSWORD function in OpenDocMan (/thread-234.html)
Usage of MySQL's PASSWORD function in OpenDocMan - bps - 05-10-2010
OpenDocMan uses MySQL's PASSWORD function to hash stored user passwords. This is not considered a secure practice and is explicitly discouraged in the MySQL documentation itself:
Quote:The PASSWORD() function is used by the authentication system in MySQL Server; you should not use it in your own applications. For that purpose, consider MD5() or SHA1() instead.
(emphasis theirs)
Re: Usage of MySQL's PASSWORD function in OpenDocMan - Stephen - 05-14-2010
Fixed for next release.