A note on securing users password using hash on mysql
Login inside mysql shell
once login, issue the command
select password('internet');
assuming internet is the clear password
result below for the command:
mysql> select password('internet');
+-------------------------------------------+
| password('internet') |
+-------------------------------------------+
| *797420C584EBF42750EB523104268BA0FD87FBC8 |
+-------------------------------------------+
1 row in set (0.00 sec)
*797420C584EBF42750EB523104268BA0FD87FBC8 secure password that can be use
upon granting DB rights.
mysql> grant select,insert,update on dummy-db.* to 'testuser'@'%.%.%.%' identified by password '*797420C584EBF42750EB523104268BA0FD87FBC8';
Query OK, 0 rows affected (0.00 sec)
Query above will encrypt the defined password of user testuser on access to dummy-db and able to access from any remote ip. If you verify by using the mysql DB and select * from user;
| %.%.%.% | testuser | *797420C584EBF42750EB523104268BA0FD87FBC8 |
the cleartext password would be "internet".
