LiveCode Forums

Questions and answers about the LiveCode platform.
https://forums.livecode.com/

mySQL install: which password setting works with LC

https://forums.livecode.com/viewtopic.php?f=12&t=34058

Page 1 of 1

mySQL install: which password setting works with LC

Posted: Sat May 09, 2020 2:51 pm
by Thierry
Hi all,

mySQL 8.0.20-community on MacOS Mojave.

During the installation,
they ask to choose between a strong or legacy encryption.


installMySql-8.png


Do the 2 options work with LC 9 ? if not, which one ?

Thanks

Thierry

Re: mySQL install: which password setting works with LC

Posted: Sat May 09, 2020 7:06 pm
by ghettocottage
You might consider creating your root user with the strongest password settings you can. That user will have full global permissions. Then after you have your database(s) set up, create a secondary user. The secondary user will have minimal permissions only on the database it needs to work with.

Re: mySQL install: which password setting works with LC

Posted: Sat May 09, 2020 7:29 pm
by Thierry
ghettocottage wrote:
Sat May 09, 2020 7:06 pm
 You might consider creating your root user with the strongest password .....
Thanks for your answer, and yes, I'm aware of this.

My question was related to the settings during mySql server install:
about the new 2 passwords encryption option, you can read (see picture in the OP )
that some clients could be unable to connect to the database then...

Thus the question: what about LiveCode if I choose the 1st option?

This mySQL server on my Mac is only for development purpose,
so, really I don't care much about security,
except I was scared that I couldn't connect with LC...

Hope this clarify a bit my question...

Thierry

Re: mySQL install: which password setting works with LC

Posted: Sun May 10, 2020 2:42 pm
by AxWald
Hi,

cannot do any tests (don't have local mySQLs & those remote ones I use are not to be fiddled with ...), but as I see it & read the docu there shouldn't be a problem as long as you only use passwords to connect, and not the "PASSWORD()" function:
https://dev.mysql.com/doc/refman/5.6/en/application-password-use.html wrote:If you [...] run the server under conditions where it generates long password hashes, an application using PASSWORD() for its own passwords breaks. The recommended course of action in such cases is to modify the application to use another function, such as SHA2(), SHA1(), or MD5(), to produce hashed values.
You get your password (and user name) from the database settings, throw it to the db during the revdb_connect, what could possibly go wrong? *) As far as I understand it's only the internal hashing & the "PASSWORD()" function that got updated.

Take this with a handful of salt - but the worst that could happen would be that you'd need to uninstall/ reinstall with "Legacy encryption", right?

Hope this helps, have fun!

*) From "Famous last words" ;-)

Re: mySQL install: which password setting works with LC

Posted: Sun May 10, 2020 3:58 pm
by Thierry
Thanks a lot, AxWald.

I'll do my homework now :)

Thierry
All times are UTC+01:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/