StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
8037150
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2011-11-07T13:31:31.623
FavoriteCount
0
LastActivityDate
2011-11-07T13:31:31.623
LastEditDate
LastEditorUserId
0
OwnerUserId
496978
ParentId
7082091
PostTypeId
2
Score
1
ViewCount
0
LastEditorDisplayName
text
Body
According to: <a href="http://www.emase.co.uk/old-mysql-passwords-insecure-and-easy-to-crack/" rel="nofollow">Old MySQL password cracking</a> <blockquote> Using the old password format a 16 byte hash is created such as: 6f8c114b58f2ce9e For the same password the MySQL4.1 hash is 41 bytes long: *6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4 On the surface it might seem that this extra level of security granted by using the new passwords might not be significant. However, source code has been released under the creative common license which allows very quick cracking of old MySQL password. The password ‘a@4~1b’ has a hash of 2c28061c5bda971d. Using the cracking program mentioned above, this password can be cracked in under 1 second on a 2 year old laptop. By using a SQL injection attack it might be possible for a user without permission to view your my.cnf file. Entering this in a search box could render the contents of the file in the browser if the second param in the select statement was being shown on the screen and not escaped correctly: something’ UNION ALL SELECT 1,(SELECT LOAD_FILE(‘/etc/my.cnf’)),3,4,5,password FROM user ORDER BY ’7 </blockquote> If an unauthorised user is able to intercept your hashed passwords it is very easy to brute force them and obtain the plain text passwords. Complex passwords are still hard to crack, but an 8 character password will take very little time. Since the changes to the length of the MySQL password hash, it is much harder to brute force the hashes.
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POWhy is the old mysql password function considered insecure
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USpsych
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.