MySQL Internals Manual  /  X Protocol  /  Authentication

15.2 Authentication

Topics in this section:

Authentication is implemented according to RFC 4422 (SASL):

PLAIN Authentication

Figure 15.5 PLAIN Authentication

EXTERNAL Authentication

Figure 15.6 EXTERNAL Authentication

MYSQL41 Authentication

MYSQL41 authentication is:

  • supported by MySQL 4.1 and later

  • a challenge/response protocol using SHA1

  • similar to CRAM-MD5 ( RFC 2195)

1. C:
2. S: challenge
3. C: [ authzid ] \0 authcid \0 response \0
4. S: AuthenticateOk



user name


server side, one time random challenge


HEX(SHA1(password) ^ SHA1(challenge + SHA1(SHA1(password))))

Figure 15.7 MYSQL41 Authentication

User Comments
User comments in this section are, as the name implies, provided by MySQL users. The MySQL documentation team is not responsible for, nor do they endorse, any of the information provided here.
Sign Up Login You must be logged in to post a comment.