In MySQL 5.6 and 5.7, you have the option of using the SHA256 password algorithm. The current method (mysql_native_password) leverages SHA1 and this has been proven to be no longer as secure as one would expect today.
Still needed for MySQL compatibility, but as far as security is concerned, we have a secure ed25519 plugin as an alternative to the old SHA1 auth.
Sergei Golubchik
added a comment - Still needed for MySQL compatibility, but as far as security is concerned, we have a secure ed25519 plugin as an alternative to the old SHA1 auth.
If a security certification specifically asks for something related to this, such as one particular I was reading the other day requires support for SCRAM-SHA-384/512, this plugin might be useful (though it would need higher hash key length).
However, seems that most security certifications also accept the ed25519 (~EdDSA ~ECDSA) with the key lengths MariaDB already has, so the utility of sha256_password in MariaDB might be very marginal.
Otto Kekäläinen
added a comment - If a security certification specifically asks for something related to this, such as one particular I was reading the other day requires support for SCRAM-SHA-384/512, this plugin might be useful (though it would need higher hash key length).
However, seems that most security certifications also accept the ed25519 (~EdDSA ~ECDSA) with the key lengths MariaDB already has, so the utility of sha256_password in MariaDB might be very marginal.
As MySQL deprecated the sha256_password plugin I am changing the scope to only implement the caching_sha256_password plugin
Ralf Gebhardt
added a comment - As MySQL deprecated the sha256_password plugin I am changing the scope to only implement the caching_sha256_password plugin
People
Sergei Golubchik
Colin Charles
Votes:
11Vote for this issue
Watchers:
18Start watching this issue
Dates
Created:
Updated:
Git Integration
Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.
{"report":{"fcp":720.3000001907349,"ttfb":198.80000019073486,"pageVisibility":"visible","entityId":56271,"key":"jira.project.issue.view-issue","isInitial":true,"threshold":1000,"elementTimings":{},"userDeviceMemory":8,"userDeviceProcessors":64,"apdex":1,"journeyId":"ac6ef3b5-ba7f-40d7-b18e-9696e801f66f","navigationType":0,"readyForUser":781.4000000953674,"redirectCount":0,"resourceLoadedEnd":311.10000014305115,"resourceLoadedStart":204.20000004768372,"resourceTiming":[{"duration":5.200000047683716,"initiatorType":"link","name":"https://jira.mariadb.org/s/2c21342762a6a02add1c328bed317ffd-CDN/lu2bu7/820016/12ta74/0a8bac35585be7fc6c9cc5a0464cd4cf/_/download/contextbatch/css/_super/batch.css","startTime":204.20000004768372,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":204.20000004768372,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":209.40000009536743,"responseStart":0,"secureConnectionStart":0},{"duration":5.300000190734863,"initiatorType":"link","name":"https://jira.mariadb.org/s/7ebd35e77e471bc30ff0eba799ebc151-CDN/lu2bu7/820016/12ta74/8679b4946efa1a0bb029a3a22206fb5d/_/download/contextbatch/css/jira.browse.project,project.issue.navigator,jira.view.issue,jira.general,jira.global,atl.general,-_super/batch.css?agile_global_admin_condition=true&jag=true&jira.create.linked.issue=true&slack-enabled=true","startTime":204.5,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":204.5,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":209.80000019073486,"responseStart":0,"secureConnectionStart":0},{"duration":82,"initiatorType":"script","name":"https://jira.mariadb.org/s/fbf975c0cce4b1abf04784eeae9ba1f4-CDN/lu2bu7/820016/12ta74/0a8bac35585be7fc6c9cc5a0464cd4cf/_/download/contextbatch/js/_super/batch.js?locale=en","startTime":204.60000014305115,"connectEnd":204.60000014305115,"connectStart":204.60000014305115,"domainLookupEnd":204.60000014305115,"domainLookupStart":204.60000014305115,"fetchStart":204.60000014305115,"redirectEnd":0,"redirectStart":0,"requestStart":213,"responseEnd":286.60000014305115,"responseStart":235.20000004768372,"secureConnectionStart":204.60000014305115},{"duration":106.40000009536743,"initiatorType":"script","name":"https://jira.mariadb.org/s/099b33461394b8015fc36c0a4b96e19f-CDN/lu2bu7/820016/12ta74/8679b4946efa1a0bb029a3a22206fb5d/_/download/contextbatch/js/jira.browse.project,project.issue.navigator,jira.view.issue,jira.general,jira.global,atl.general,-_super/batch.js?agile_global_admin_condition=true&jag=true&jira.create.linked.issue=true&locale=en&slack-enabled=true","startTime":204.70000004768372,"connectEnd":204.70000004768372,"connectStart":204.70000004768372,"domainLookupEnd":204.70000004768372,"domainLookupStart":204.70000004768372,"fetchStart":204.70000004768372,"redirectEnd":0,"redirectStart":0,"requestStart":213.5,"responseEnd":311.10000014305115,"responseStart":236.5,"secureConnectionStart":204.70000004768372},{"duration":38.19999980926514,"initiatorType":"script","name":"https://jira.mariadb.org/s/94c15bff32baef80f4096a08aceae8bc-CDN/lu2bu7/820016/12ta74/c92c0caa9a024ae85b0ebdbed7fb4bd7/_/download/contextbatch/js/atl.global,-_super/batch.js?locale=en","startTime":204.80000019073486,"connectEnd":204.80000019073486,"connectStart":204.80000019073486,"domainLookupEnd":204.80000019073486,"domainLookupStart":204.80000019073486,"fetchStart":204.80000019073486,"redirectEnd":0,"redirectStart":0,"requestStart":214.5,"responseEnd":243,"responseStart":242.20000004768372,"secureConnectionStart":204.80000019073486},{"duration":46.5,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2bu7/820016/12ta74/1.0/_/download/batch/jira.webresources:calendar-en/jira.webresources:calendar-en.js","startTime":204.90000009536743,"connectEnd":204.90000009536743,"connectStart":204.90000009536743,"domainLookupEnd":204.90000009536743,"domainLookupStart":204.90000009536743,"fetchStart":204.90000009536743,"redirectEnd":0,"redirectStart":0,"requestStart":215.60000014305115,"responseEnd":251.40000009536743,"responseStart":250.70000004768372,"secureConnectionStart":204.90000009536743},{"duration":51,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2bu7/820016/12ta74/1.0/_/download/batch/jira.webresources:calendar-localisation-moment/jira.webresources:calendar-localisation-moment.js","startTime":205,"connectEnd":205,"connectStart":205,"domainLookupEnd":205,"domainLookupStart":205,"fetchStart":205,"redirectEnd":0,"redirectStart":0,"requestStart":218.20000004768372,"responseEnd":256,"responseStart":255.40000009536743,"secureConnectionStart":205},{"duration":10.899999856948853,"initiatorType":"link","name":"https://jira.mariadb.org/s/b04b06a02d1959df322d9cded3aeecc1-CDN/lu2bu7/820016/12ta74/a2ff6aa845ffc9a1d22fe23d9ee791fc/_/download/contextbatch/css/jira.global.look-and-feel,-_super/batch.css","startTime":205.10000014305115,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":205.10000014305115,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":216,"responseStart":0,"secureConnectionStart":0},{"duration":58.299999952316284,"initiatorType":"script","name":"https://jira.mariadb.org/rest/api/1.0/shortcuts/820016/47140b6e0a9bc2e4913da06536125810/shortcuts.js?context=issuenavigation&context=issueaction","startTime":205.20000004768372,"connectEnd":205.20000004768372,"connectStart":205.20000004768372,"domainLookupEnd":205.20000004768372,"domainLookupStart":205.20000004768372,"fetchStart":205.20000004768372,"redirectEnd":0,"redirectStart":0,"requestStart":220.60000014305115,"responseEnd":263.5,"responseStart":262.80000019073486,"secureConnectionStart":205.20000004768372},{"duration":14.899999856948853,"initiatorType":"link","name":"https://jira.mariadb.org/s/3ac36323ba5e4eb0af2aa7ac7211b4bb-CDN/lu2bu7/820016/12ta74/d176f0986478cc64f24226b3d20c140d/_/download/contextbatch/css/com.atlassian.jira.projects.sidebar.init,-_super,-project.issue.navigator,-jira.view.issue/batch.css?jira.create.linked.issue=true","startTime":205.30000019073486,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":205.30000019073486,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":220.20000004768372,"responseStart":0,"secureConnectionStart":0},{"duration":57.299999952316284,"initiatorType":"script","name":"https://jira.mariadb.org/s/3339d87fa2538a859872f2df449bf8d0-CDN/lu2bu7/820016/12ta74/d176f0986478cc64f24226b3d20c140d/_/download/contextbatch/js/com.atlassian.jira.projects.sidebar.init,-_super,-project.issue.navigator,-jira.view.issue/batch.js?jira.create.linked.issue=true&locale=en","startTime":205.40000009536743,"connectEnd":205.40000009536743,"connectStart":205.40000009536743,"domainLookupEnd":205.40000009536743,"domainLookupStart":205.40000009536743,"fetchStart":205.40000009536743,"redirectEnd":0,"redirectStart":0,"requestStart":220.80000019073486,"responseEnd":262.7000000476837,"responseStart":262,"secureConnectionStart":205.40000009536743},{"duration":24.09999990463257,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2bu7/820016/12ta74/1.0/_/download/batch/jira.webresources:bigpipe-js/jira.webresources:bigpipe-js.js","startTime":216.80000019073486,"connectEnd":225.30000019073486,"connectStart":225.30000019073486,"domainLookupEnd":225.30000019073486,"domainLookupStart":225.30000019073486,"fetchStart":216.80000019073486,"redirectEnd":0,"redirectStart":0,"requestStart":225.60000014305115,"responseEnd":240.90000009536743,"responseStart":238.60000014305115,"secureConnectionStart":225.30000019073486},{"duration":22.59999990463257,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2bu7/820016/12ta74/1.0/_/download/batch/jira.webresources:bigpipe-init/jira.webresources:bigpipe-init.js","startTime":217.60000014305115,"connectEnd":217.60000014305115,"connectStart":217.60000014305115,"domainLookupEnd":217.60000014305115,"domainLookupStart":217.60000014305115,"fetchStart":217.60000014305115,"redirectEnd":0,"redirectStart":0,"requestStart":226,"responseEnd":240.20000004768372,"responseStart":238,"secureConnectionStart":217.60000014305115},{"duration":201.40000009536743,"initiatorType":"xmlhttprequest","name":"https://jira.mariadb.org/rest/webResources/1.0/resources","startTime":492.90000009536743,"connectEnd":492.90000009536743,"connectStart":492.90000009536743,"domainLookupEnd":492.90000009536743,"domainLookupStart":492.90000009536743,"fetchStart":492.90000009536743,"redirectEnd":0,"redirectStart":0,"requestStart":663,"responseEnd":694.3000001907349,"responseStart":693.8000001907349,"secureConnectionStart":492.90000009536743},{"duration":108.79999995231628,"initiatorType":"script","name":"https://www.google-analytics.com/analytics.js","startTime":698.7000000476837,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":698.7000000476837,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":807.5,"responseStart":0,"secureConnectionStart":0},{"duration":131.5,"initiatorType":"xmlhttprequest","name":"https://jira.mariadb.org/rest/webResources/1.0/resources","startTime":719.7000000476837,"connectEnd":719.7000000476837,"connectStart":719.7000000476837,"domainLookupEnd":719.7000000476837,"domainLookupStart":719.7000000476837,"fetchStart":719.7000000476837,"redirectEnd":0,"redirectStart":0,"requestStart":820.1000001430511,"responseEnd":851.2000000476837,"responseStart":850,"secureConnectionStart":719.7000000476837}],"fetchStart":0,"domainLookupStart":0,"domainLookupEnd":0,"connectStart":0,"connectEnd":0,"requestStart":58,"responseStart":199,"responseEnd":217,"domLoading":202,"domInteractive":841,"domContentLoadedEventStart":842,"domContentLoadedEventEnd":883,"domComplete":1199,"loadEventStart":1199,"loadEventEnd":1199,"userAgent":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)","marks":[{"name":"bigPipe.sidebar-id.start","time":820.5},{"name":"bigPipe.sidebar-id.end","time":821.2000000476837},{"name":"bigPipe.activity-panel-pipe-id.start","time":821.4000000953674},{"name":"bigPipe.activity-panel-pipe-id.end","time":822.6000001430511},{"name":"activityTabFullyLoaded","time":903.7000000476837}],"measures":[],"correlationId":"94a93f225a8d7","effectiveType":"4g","downlink":10,"rtt":0,"serverDuration":82,"dbReadsTimeInMs":21,"dbConnsTimeInMs":28,"applicationHash":"9d11dbea5f4be3d4cc21f03a88dd11d8c8687422","experiments":[]}}
Still needed for MySQL compatibility, but as far as security is concerned, we have a secure ed25519 plugin as an alternative to the old SHA1 auth.