2 min read | by Jordi Prats
Using the validate_password plugin we can define minimum security requirements for MySQL passwords:
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER ON `dbdemo`.* TO 'demouser'@'%' identified by 'demopassword';
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER ON `dbdemo`.* TO 'demouser'@'1.2.3.4' identified by 'demopassword';
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
Obviously for certain environments this plugin can be problematic so we may want to disable it.
We can disable the plugin using the following command:
mysql> uninstall plugin validate_password;
Query OK, 0 rows affected (0.04 sec)
After this, passwords will no longer be examined with minimum security criteria:
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER ON `dbdemo`.* TO 'demouser'@'%' identified by 'demopassword';
Query OK, 0 rows affected, 1 warning (0.06 sec)
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER ON `dbdemo`.* TO 'demouser'@'1.2.3.4' identified by 'demopassword';
Query OK, 0 rows affected, 1 warning (0.01 sec)
Posted on 19/03/2019