Showing entries 21 to 24
« 10 Newer Entries
Displaying posts with tag: password (reset)
MySQL – changing a user password


This post is for educational purposes only and no responsibility will be taken if you execute any of the commands. You mess it, you fix it!

Replacing a password for a user on MySQL can be done in at least four ways. Three ways at least.

1. set password for ‘user’@'host’=password(‘abc’);

2. grant usage on *.* to ‘user’@'host’ identified by ‘abc’;

3. update mysql.user set password=password(‘abc’) where user=’user’ and host=’host’;

mysql Wed Mar  9 14:27:17 2011 > set password for 'dc'@'%' = password('d');
Query OK, 0 rows affected (0.00 sec)

mysql Wed Mar  9 14:27:39 2011 > show grants for 'dc'@'%';
| Grants for dc@%                                                                                   | …
[Read more]
Securich – The MySQL Security Package step by step run through

I would like to start off by excusing myself for having had a broken link on when I published the latest blog post about Securich.

The tool is downloadable from there and anyone can use it for free in accordance to GPLv2.

I wanted to throw out tutorial about how to install it and use it (Note this tutorial is for version securich version 0.1.2):

Pop Quiz: MySQL Password Hashing

The answers to the last pop quiz are up:

So here’s another pop quiz. Given the following:

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 16450949 to server version: 4.1.14-standard-log

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> select count(*),length(password) from mysql.user group by length(password);
| count(*) | length(password) |
|       49 |               16 |
|       31 |               41 |
2 rows in set (0.00 sec)

mysql> select password('foo');
| password('foo')                           |
| *F3A2A51A9B0F2BE2468926B4132313728C250DBF | …
[Read more]
Checking password strength using and AJAX

With some inspiration from Ben Ramsey i created a little demo for using my md5 database during the signup process on a website.

This example demonstrates the use of the MD5 database at and AJAX to check password strength during signup on a website. After supplying a username and a password, a md5 hash of the password is generated using Paul Johnston's md5 javascript library.

The hash of the password (not the password itself) is then sent to If the website returns a result for the given password (hence the hash password combination is stored in the md5 database) it can be regarded as …

[Read more]
Showing entries 21 to 24
« 10 Newer Entries