Thanks very much, I did need the prefix so this is working for me:
password_hash=CONCAT("{md5}",md5(%p))
I appreciate MD5 is insecure, but its in the same boat as the shadow passwords on many UNIX and Linux systems, its only a problem if someone hacks the server. Communications are all TLS,
thanks, Andy.
PS although, yes thanks for the nudge I should look to update the hash format