How to use `bcrypt` algorithm within `encrypt` function in MySQL for verifying password?
I have bcrypted value($2y$10$zQaDT8hXM4pLmBdwN0xEseda/oKJAQKMKMzUrV8jbs6Epz28BXzBS) of password (qwe). But when I am verifying I am getting wrong result hash value.
mysql> select '$2y$10$zQaDT8hXM4pLmBdwN0xEseda/oKJAQKMKMzUrV8jbs6Epz28BXzBS' = encrypt('qwe', '$2y$10$zQaDT8hXM4pLmBdwN0xEseda/oKJAQKMKMzUrV8jbs6Epz28BXzBS') as is_valid;
+----------+
| is_valid |
+----------+
| 0 |
+----------+
select encrypt('qwe', '$2y$10$zQaDT8hXM4pLmBdwN0xEseda/oKJAQKMKMzUrV8jbs6Epz28BXzBS') as hash;
+---------------+
| hash |
+---------------+
| $2tBKnsbV2Szg |
+---------------+
md5 works fine
mysql> select '$1$$.dCRcHz4ApIYzcA0g/qz3/' = encrypt('qwe', '$1$$.dCRcHz4ApIYzcA0g/qz3/') as is_valid;
+----------+
| is_valid |
+----------+
| 1 |
+----------+
How to add support of bcrypt to MySQL?
Answer
You can't. The MySQL ENCRYPT() function uses the operating system's crypt() function — if your operating system does not support bcrypt hashes, MySQL will not support them either.
Also, do not use the MySQL ENCRYPT() function. As ircmaxell noted, any data you pass to a MySQL query may end up in server log files, so it's potentially unsafe to use it for anything password-related.