I've found a maybe better solution that's even easier to implement. First make sure you selected the account database:
Then you can run the following query to create your function. Make sure to replace the peppervariable with something of your own!
CREATE FUNCTION enc_pw(s CHAR(24)) RETURNS CHAR(50) DETERMINISTIC RETURN PASSWORD(CONCAT("thisisyourpeppervariable", s));
Then you won't have to add your pepper variable anywhere. Just use the enc_pw() function in your queries. For example:
This'll return the password you need.
+ No need to store your pepper variable anywhere at your webserver etc.
+ Easy to use implementation
+ Easy changeable. You can for example add AES-encryption which is also supported by mysql to your function.
The function is persistent. It'll even be there after a reboot.
If you change something you'll first have to drop the old function:
DROP FUNCTION enc_pw;
Simple as that. In your source code you'll only have to edit input_auth.cpp to simply use enc_pw() instead of PASSWORD() for your query. You can also use the function at your webserver. So people who could've get access to your webserver won't be able to retreive your peppervariable. In addition: You can, as I stated, change the encryption completely. You can for example use SHA2(), AES or anything else that comes into your mind to even further encrypt it - twice if needed. Hackers won't know what encryption algorithm you're using. They'll be clueless unless they get to see the actual function. If you manage your permissions right and only allow your homepage user acces to the tables itself (You'll only need select, insert and update for some tables, NOT the actual database itself) people won't even be able to have insight to the function. You can test it. Log in as your homepage user, select the database account and run the following command:
SHOW CREATE FUNCTION enc_pw;
If it shows you the function routine, then you have permission to do so and you should lower the permission you give to your homepage account.
If used wisely it's a very secure procedure.