diff --git a/lib/puppet/functions/mysql/mysql_password.rb b/lib/puppet/functions/mysql/mysql_password.rb
new file mode 100644
index 000000000..2f04b9898
--- /dev/null
+++ b/lib/puppet/functions/mysql/mysql_password.rb
@@ -0,0 +1,44 @@
+# This is an autogenerated function, ported from the original legacy version.
+# It /should work/ as is, but will not have all the benefits of the modern
+# function API. You should see the function docs to learn how to add function
+# signatures for type safety and to document this function using puppet-strings.
+#
+# https://puppet.com/docs/puppet/latest/custom_functions_ruby.html
+#
+# ---- original file header ----
+require 'digest/sha1'
+# ---- original file header ----
+#
+# @summary
+#       @summary
+#      Hash a string as mysql's "PASSWORD()" function would do it
+#
+#    @param [String] password Plain text password.
+#
+#    @return [String] the mysql password hash from the clear text password.
+#
+#
+Puppet::Functions.create_function(:'mysql::mysql_password') do
+  # @param args
+  #   The original array of arguments. Port this to individually managed params
+  #   to get the full benefit of the modern function API.
+  #
+  # @return [Data type]
+  #   Describe what the function returns here
+  #
+  dispatch :default_impl do
+    # Call the method named 'default_impl' when this is matched
+    # Port this to match individual params for better type safety
+    repeated_param 'Any', :args
+  end
+
+  def default_impl(*args)
+    if args.size != 1
+      raise Puppet::ParseError, _('mysql_password(): Wrong number of arguments given (%{args_length} for 1)') % { args_length: args.length }
+    end
+
+    return '' if args[0].empty?
+    return args[0] if args[0] =~ %r{\*[A-F0-9]{40}$}
+    '*' + Digest::SHA1.hexdigest(Digest::SHA1.digest(args[0])).upcase
+  end
+end
diff --git a/spec/functions/mysql_mysql_password_spec.rb b/spec/functions/mysql_mysql_password_spec.rb
new file mode 100644
index 000000000..21e49fdc4
--- /dev/null
+++ b/spec/functions/mysql_mysql_password_spec.rb
@@ -0,0 +1,40 @@
+require 'spec_helper'
+
+describe 'mysql::mysql_password' do
+  # without knowing details about the implementation, this is the only test
+  # case that we can autogenerate. You should add more examples below!
+  it { is_expected.not_to eq(nil) }
+
+  #################################
+  # Below are some example test cases. You may uncomment and modify them to match
+  # your needs. Notice that they all expect the base error class of `StandardError`.
+  # This is because the autogenerated function uses an untyped array for parameters
+  # and relies on your implementation to do the validation. As you convert your
+  # function to proper dispatches and typed signatures, you should change the
+  # expected error of the argument validation examples to `ArgumentError`.
+  #
+  # Other error types you might encounter include
+  #
+  # * StandardError
+  # * ArgumentError
+  # * Puppet::ParseError
+  #
+  # Read more about writing function unit tests at https://rspec-puppet.com/documentation/functions/
+  #
+  #   it 'raises an error if called with no argument' do
+  #     is_expected.to run.with_params.and_raise_error(StandardError)
+  #   end
+  #
+  #   it 'raises an error if there is more than 1 arguments' do
+  #     is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(StandardError)
+  #   end
+  #
+  #   it 'raises an error if argument is not the proper type' do
+  #     is_expected.to run.with_params('foo').and_raise_error(StandardError)
+  #   end
+  #
+  #   it 'returns the proper output' do
+  #     is_expected.to run.with_params(123).and_return('the expected output')
+  #   end
+  #################################
+end