I had recently Installed MySQL v5.7 on Debian 8 Jessie. After the successful installation of MySQL, to improve the security of MySQL installation, ran the below command:
# mysql_secure_installation
The above command will prompt for the root password. Enter the password you created during the installation. A series of questions are asked for which you need to say yes or no. In the series of of question, the first question is :
VALIDATE PASSWORD PLUGIN can be used to test passwords and improve security. It checks the strength of password and allows the users to set only those passwords which are secure enough. Would you like to setup VALIDATE PASSWORD plugin? Press y|Y for Yes, any other key for No:
If you had pressed yes, then the successive question is:
There are three levels of password validation policy: LOW Length >= 8 MEDIUM Length >= 8, numeric, mixed case, and special characters STRONG Length >= 8, numeric, mixed case, special characters and dictionary file Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG:
Based on the level of password validation policy set above, the user creation and password setting, should comply to above policy you had set. No doubt, this is a very good feature, but annoying also!
Note: I strongly recommend enabling this plugin. In case, if you need to disable it, then here’s the guide.
How to disable MySQL password validation plugin in MySQL 5.7 version
Step 1: Login to MySQL :
#mysql -h localhost -u root -p Enter Password: mysql> uninstall plugin validate_password; Query OK, 0 rows affected (0.02 sec)
If you are not able to remove the plugin, then reduce the password validation policy to LOW in /etc/my.cnf as below and then run mysql_secure_installation, set an easy password for root, login to the mysql system and then run the uninstall plugin command.
# vim /etc/my.cnf validate_password_policy=LOW
How to disable MySQL password validation plugin in MySQL 8.0 version (MariaDB)
Step 1: Login to MySQL:
#mysql -h localhost -u root -p
Enter Password:
mysql>UNINSTALL COMPONENT 'file://component_validate_password'; Query OK, 0 rows affectHow to enable password validation in MySQL 5.7 version
Step 1: Login to MySQL :
#mysql -h localhost -u root -p Enter Password: mysql> install plugin validate_password SONAME 'validate_password.so'; Query OK, 0 rows affected (0.02 sec)
How to enable password validation in MySQL 8.0 version (MariaDB)
Step 1: Login to MySQL :
#mysql -h localhost -u root -p
Enter Password:
mysql>INSTALL COMPONENT 'file://component_validate_password'; Query OK, 0 rows affected (0.02 sec)However annoying during the user creation, you need to use such security plugins to make sure you are secure.
