DEV Community

loading...
Cover image for How to implement password policy on your MySQL databases

How to implement password policy on your MySQL databases

mrboogiej
Updated on ・1 min read

Check out how to use 'validate_password' to set up strong password policy to better protect your production database in 10 mins.

Watch Now >
Explore Cloud Managed RDS MySQL for FREE >

Official Documentation >

【Scripts】
Mysql 5.7

// weak password
create user test identified by 'admin';
Drop user test;

//check if validate_password is installed?
SELECT PLUGIN_NAME, PLUGIN_LIBRARY, PLUGIN_STATUS, LOAD_OPTION 
FROM INFORMATION_SCHEMA.PLUGINS 
WHERE PLUGIN_NAME = 'validate_password';

// install plugin
INSTALL PLUGIN validate_password SONAME 'validate_password.so';

// check status
select * from mysql.plugin;
SHOW GLOBAL VARIABLES LIKE 'validate_password%';

// test 
create user test identified by '123456';
create user test identified by 'Passw@rd1';
drop user test;

//change variables
SET GLOBAL validate_password_policy=LOW;

//uninstall
UNINSTALL PLUGIN  validate_password;
Enter fullscreen mode Exit fullscreen mode

===========
MySQL 8.0

// weak password
create user test identified by 'administrator';
Drop user test;

// check if installed?
SELECT * FROM mysql.component;

// install the component
INSTALL COMPONENT 'file://component_validate_password';

// see system variables
show variables like 'validate_password%';
SHOW STATUS LIKE 'validate_password%';

// test
create user test identified by '123456';
create user test identified by 'Passw@rd1';
drop user test;

// change the variables
SET GLOBAL validate_password_policy=STRONG;

// uninstall
UNINSTALL COMPONENT 'file://component_validate_password';
Enter fullscreen mode Exit fullscreen mode

Discussion (0)