Error: MySQLnd Cannot Connect to MySQL 4.1+ Using the Old Insecure Authentication

  • Home
  • Languages
  • PHP
  • Error: MySQLnd Cannot Connect to MySQL 4.1+ Using the Old Insecure Authentication

Error: mysqlnd cannot connect to MySQL 4.1+ using the old insecure authentication

  • Remove or comment old_passwords = 1 in my.cnf

Restart MySQL. If you don’t, MySQL will keep using the old password format, which will mean that you cannot upgrade the passwords using the builtin PASSWORD() hashing function.

The old password hashes are 16 characters, the new ones are 41 characters.

  • Connect to the database, and run the following query:

    SELECT user, Length(`Password`) FROM  `mysql`.`user`;

This will show you which passwords are in the old format, e.g.:


+----------+--------------------+
| user     | Length(`Password`) |
+----------+--------------------+
| root     |                 41 |
| root     |                 16 |
| user2    |                 16 |
| user2    |                 16 |
+----------+--------------------+

Notice here that each user can have multiple rows (one for each different host specification).

To update the password for each user, run the following:

UPDATE mysql.user SET Password = PASSWORD('password') WHERE user = 'username';

Finally, flush privileges:

FLUSH PRIVILEGES;

Source: How to fix "mysqlnd cannot connect to MySQL 4.1+ using old authentication" on PHP5.3

Cannot connect to MySQL 4.1+ using old authentication

edit: This only applies if you are in control of the MySQL server... if you're not take a look at Mysql password hashing method old vs new

First check with the SQL query

SHOW VARIABLES LIKE 'old_passwords'

(in the MySQL command line client, HeidiSQL or whatever front end you like) whether the server is set to use the old password schema by default. If this returns old_passwords,Off you just happen to have old password entries in the user table. The MySQL server will use the old authentication routine for these accounts. You can simply set a new password for the account and the new routine will be used.

You can check which routine will be used by taking a look at the mysql.user table (with an account that has access to that table)

SELECT `User`, `Host`, Length(`Password`) FROM mysql.user

This will return 16 for accounts with old passwords and 41 for accounts with new passwords (and 0 for accounts with no password at all, you might want to take care of those as well).

Either use the user management tools of the MySQL front end (if there are any) or

SET PASSWORD FOR 'User'@'Host'=PASSWORD('yourpassword');
FLUSH Privileges;

(replace User and Host with the values you got from the previous query.) Then check the length of the password again. It should be 41 now and your client (e.g. mysqlnd) should be able to connect to the server.

see also the MySQL documentation:
* http://dev.mysql.com/doc/refman/5.0/en/old-client.html

* http://dev.mysql.com/doc/refman/5.0/en/password-hashing.html

* http://dev.mysql.com/doc/refman/5.0/en/set-password.html

mysqlnd cannot connect to MySQL 4.1+ using the old insecure authentication

Figured it out! Was an oversight on my part. Apparently, in ZenCart there are 2 files where you have to set your database configuration. One is for the catalog and one for the admin area. Doesn't make a whole lot of sense to me since both of them connect to the same DB. Maybe it has something to do with being able to use one db user for the catalog and one for the admin for security reasons. I just setup a local copy and changed one of the config files without changing the other. The file causing the problems was still pointed at my production database. Knew it had to be something simple!

Remote mySQL connection throws cannot connect to MySQL 4.1+ using the old insecure authentication error from XAMPP

I'm not really clear on why this became an issue on my XAMPP installation, since I'm also running PHP 5.3.x on the server's local box and wasn't experiencing those issues there. However, it has to do with my mySQL server running in "old password" encryption mode. Newer versions of PHP won't allow those kinds of connections, so you need to update your mySQL server to use the newer password encryption. Here are the steps, assuming you have control over the mySQL server. If you don't, that falls out of the scope of my knowledge.

  1. locate the configuration file for the mysql server called my.cnf. I found mine at /etc/my.cnf. You can edit it with sudo nano /etc/my.cnf

  2. Look for a line that says old_passwords=1 and change that to old_passwords=0. You have now told the server that the next time it is run, and it is asked to encrypt a password using the PASSWORD() command, it use the new 41-character encryption rather than the 16-character 'old' style encryption

  3. Now you have to restart your mysql server / service. YMMV, but on Fedora that was easily done with sudo service mysqld restart. Check your OS' instructions for restarting the mysql daemon or service

  4. Now we have to actually edit our user table within mysql. So open up an interactive shell to mysql (on the server you can type mysql -uYourRootUsername -pYourRootPassword)

  5. Change to the mysql database. This is the database that holds all the good stuff for server operation and authentication. You must have root access to work with this database. If you get an 'access denied' you're SOL. Sorry. use mysql; will switch to that database

  6. Now we want to update the user that was giving you grief. Ultimately you'll probably want to update all your users, but for now, we're just focusing on the user that threw the error. update user set Password=password('YOUR_PASSWORD') where User='YOUR_USERNAME';

  7. Now you just need to tell mysql to use the new password for authentication when that user attempts to connect. flush privileges;.

You should be good to go!

PHP 5.4 PDO could not connect to MySQL 4.1+ using the old insecure authentication

SOLVED!

Although the SET SESSION old_passwords=0; wasn't working in phpMyAdmin.

I downloaded the MySQL GUI Tools and used the MySQL Query Browser to execute the same command on non-DBO user:

SET SESSION old_passwords = 0;

SELECT @@global.old_passwords, @@session.old_passwords, Length(PASSWORD('abc'));

now returned:

1      0      41

So I simply changed the password:

SET PASSWORD = PASSWORD('my_old_password')

And now PHP 5.4 PDO connects to the database with that user!


Related Topics

Laravel Migration Table Already Exists, But I Want to Add New Not the Older

What's the Difference Between Array_Merge and Array + Array

PHP Cli Getting Input from User and Then Dumping into Variable Possible

Codeigniter Activerecord, Retrieve Last Insert Id

How to Run a Cronjob Every X Minutes

Composer Update Failed -- Out of Memory

Design Patterns: How to Create Database Object/Connection Only When Needed

How to Set Cron Job Url for Codeigniter

Accessing an Associative Array by Integer Index in PHP

Getting Relative Path from Absolute Path in PHP

Phpmailer: Reply Using Only "Reply To" Address

MySQL Can't Perform More Than 1 Query at a Time

How to Use Prepare() with Dynamic Column Names

How to Install Pdo_Sqlsrv on My Windows 2008 Server 2008 R2

Can't Install PHPunit via Pear, Requires Pear Installer >= 1.9.2, Can't Upgrade Pear from 1.9.0

Get the First or Last Friday in a Month

PHP Regex Word Boundary Matching in Utf-8

How to Connect SQL Server with PHP Using Xampp


Leave a reply



Submit