[kijin]

> issue a warning when you create a "password" VARCHAR in MySQL

I put my salted and bcrypt'ed passwords in a CHAR or VARCHAR column named "password". Anything wrong with that? Should I change the name of the column to something like "hashed_password"?

[aptwebapps]

The name of the column isn't a problem, rather it's an opportunity to nudge the developer a bit. Or that's how I read the GP's comment.

[lstamour]

Indeed. It's that even if you store a hash, it might still not follow best practices getting there. Perhaps I should be petitioning sqlite, since it's more of a developer warning than a production one. But really -- it was a joke ;-)