secure_auth 与 old_passwords

mysql> select version() , @@global.secure_auth;
+----------+----------------------+
| version()| @@global.secure_auth |
+----------+----------------------+
| 5.6.19   |                    1 |
+----------+----------------------+
1 row in set (0.00 sec)

secure_auth 为了防止低版本的MySQL客户端(<4.1)使用旧的密码认证方式访问高版本的服务器
MySQL 5.6.7开始secure_auth 默认为启用值1。但也可用skip-secure-auth禁用。

http://dev.mysql.com/doc/refman/5.6/en/mysql-command-options.html#option_mysql_secure-auth
Do not send passwords to the server in old (pre-4.1) format.
This prevents connections except for servers that use the newer password format.
As of MySQL 5.6.7, this option is enabled by default; use --skip-secure-auth to disable it.

1.如果old_passwords=1，则old_password()和password()加密结果相同都是16位。
mysql> set old_passwords=1;
Query OK, 0 rows affected (0.00 sec)

mysql> select @@session.old_passwords,  @@global.old_passwords ,
old_password('pass'), password('pass')\G
*************************** 1. row ***************************
@@session.old_passwords: 1
 @@global.old_passwords: 0
   old_password('pass'): 29bad1457ee5e49e
       password('pass'): 29bad1457ee5e49e
1 row in set (0.00 sec)

2.如果old_passwords=0，则old_password()加密结果是16位。
  password()加密结果是41位
mysql> set old_passwords=0;
Query OK, 0 rows affected (0.00 sec)

mysql> select @@session.old_passwords,  @@global.old_passwords ,
 old_password('pass'), password('pass')\G
*************************** 1. row ***************************
@@session.old_passwords: 0
 @@global.old_passwords: 0
   old_password('pass'): 29bad1457ee5e49e
       password('pass'): *196BDEDE2AE4F84CA44C47D54D78478C7E2BD7B7
1 row in set (0.00 sec)