mySQL install: which password setting works with LC

Thierry · Post by **Thierry** » Sat May 09, 2020 2:51 pm

Hi all,

mySQL 8.0.20-community on MacOS Mojave.

During the installation,
they ask to choose between a strong or legacy encryption.

Do the 2 options work with LC 9 ? if not, which one ?

Thanks

Thierry

ghettocottage · Post by **ghettocottage** » Sat May 09, 2020 7:06 pm

You might consider creating your root user with the strongest password settings you can. That user will have full global permissions. Then after you have your database(s) set up, create a secondary user. The secondary user will have minimal permissions only on the database it needs to work with.

Thierry · Post by **Thierry** » Sat May 09, 2020 7:29 pm

ghettocottage wrote: ↑
Sat May 09, 2020 7:06 pm
You might consider creating your root user with the strongest password .....

Thanks for your answer, and yes, I'm aware of this.

My question was related to the settings during mySql server install:
about the new 2 passwords encryption option, you can read (see picture in the OP )
that some clients could be unable to connect to the database then...

Thus the question: what about LiveCode if I choose the 1st option?

This mySQL server on my Mac is only for development purpose,
so, really I don't care much about security,
except I was scared that I couldn't connect with LC...

Hope this clarify a bit my question...

Thierry

AxWald · Post by **AxWald** » Sun May 10, 2020 2:42 pm

Hi,

cannot do any tests (don't have local mySQLs & those remote ones I use are not to be fiddled with ...), but as I see it & read the docu there shouldn't be a problem as long as you only use passwords to connect, and not the "PASSWORD()" function:

https://dev.mysql.com/doc/refman/5.6/en/application-password-use.html wrote:If you [...] run the server under conditions where it generates long password hashes, an application using PASSWORD() for its own passwords breaks. The recommended course of action in such cases is to modify the application to use another function, such as SHA2(), SHA1(), or MD5(), to produce hashed values.

You get your password (and user name) from the database settings, throw it to the db during the revdb_connect, what could possibly go wrong? *) As far as I understand it's only the internal hashing & the "PASSWORD()" function that got updated.

Take this with a handful of salt - but the worst that could happen would be that you'd need to uninstall/ reinstall with "Legacy encryption", right?

Hope this helps, have fun!

*) From "Famous last words" ;-)

Thierry · Post by **Thierry** » Sun May 10, 2020 3:58 pm

Thanks a lot, AxWald.

I'll do my homework now

Thierry

LiveCode Forums

mySQL install: which password setting works with LC

mySQL install: which password setting works with LC

Re: mySQL install: which password setting works with LC

Re: mySQL install: which password setting works with LC

Re: mySQL install: which password setting works with LC

Re: mySQL install: which password setting works with LC