File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes JDBC and Relational Databases and the fly likes mysql encrypt() Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Databases » JDBC and Relational Databases
Bookmark "mysql encrypt()" Watch "mysql encrypt()" New topic

mysql encrypt()

Peter Straw
Ranch Hand

Joined: Jan 08, 2002
Posts: 79
We have to use the mysql encrypt() function to store passwords in a database. Does anybody know how to use java to verify if a password submitted by a user matches the mySQL encrypted password in the database please?
Many thanks.
Sainudheen Mydeen
Ranch Hand

Joined: Aug 18, 2003
Posts: 218
If you have a method in mysql to compare a value with an encrypted value column of your table, you can use the same method in SQL statement of your JDBC code. JDBC API simply passes SQL to the database.
Peter Straw
Ranch Hand

Joined: Jan 08, 2002
Posts: 79
yes thanks, but it seems that every time the mysql encrypt( )function is called it returns something different. For example
select encrypt("password");
run several times will return a different value each time.
Gregg Bolinger
GenRocket Founder
Ranch Hand

Joined: Jul 11, 2001
Posts: 15302

I would suggest using the MD5 function in MySQL to store the passwords. This ensures a standard hash for any 3rd party app that must authenticate to the database somehow.
Usage of the MD5 function can be found here
When you use the encrypt function, it is using the same thing as the UNIX crypt command which requires a "salt" to be given to the algorithm. The salt is not required, so when you don't provide the "salt" I think MySQL randomly chooses one for you. So that is probably why it is different everytime.

GenRocket - Experts at Building Test Data
I agree. Here's the link:
subject: mysql encrypt()
It's not a secret anymore!