Planet MySQL

Displaying posts with tag: password (reset)

Mar

2011

Posted by Darren Cassar on Mon 21 Mar 2011 18:43 UTC
Tags:

password, grant, user, user.myd, flush, flush privileges, grant privileges, mysql.user, MySQL

Disclaimer:

This post is for educational purposes only and no responsibility will be taken if you execute any of the commands. You mess it, you fix it!

Replacing a password for a user on MySQL can be done in at least four ways. Three ways at least.

1. set password for ‘user’@'host’=password(‘abc’);

2. grant usage on *.* to ‘user’@'host’ identified by ‘abc’;

3. update mysql.user set password=password(‘abc’) where user=’user’ and host=’host’;

mysql Wed Mar  9 14:27:17 2011 > set password for 'dc'@'%' = password('d');
Query OK, 0 rows affected (0.00 sec)

mysql Wed Mar  9 14:27:39 2011 > show grants for 'dc'@'%';
+---------------------------------------------------------------------------------------------------+
| Grants for dc@%                                                                                   | …

[Read more]

Jun

2009

Securich – The MySQL Security Package step by step run through

Posted by Darren Cassar on Fri 19 Jun 2009 17:02 UTC
Tags:

Uncategorized, Security, password, privileges, Advanced, password history, roles, mysql roles, mysql security, MySQL

I would like to start off by excusing myself for having had a broken link on http://www.securich.com/downloads.html when I published the latest blog post about Securich.

The tool is downloadable from there and anyone can use it for free in accordance to GPLv2.

I wanted to throw out tutorial about how to install it and use it (Note this tutorial is for version securich version 0.1.2):

Mar

2008

Pop Quiz: MySQL Password Hashing

Posted by Sheeri K. Cabral on Mon 24 Mar 2008 15:23 UTC
Tags:

Security, Group Blog Posts, password, login, database security, ACL, old_passwords, MySQL

The answers to the last pop quiz are up: http://www.pythian.com/blogs/868/pop-quiz-mysql-cluster

So here’s another pop quiz. Given the following:

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 16450949 to server version: 4.1.14-standard-log

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> select count(*),length(password) from mysql.user group by length(password);
+----------+------------------+
| count(*) | length(password) |
+----------+------------------+
|       49 |               16 |
|       31 |               41 |
+----------+------------------+
2 rows in set (0.00 sec)

mysql> select password('foo');
+-------------------------------------------+
| password('foo')                           |
+-------------------------------------------+
| *F3A2A51A9B0F2BE2468926B4132313728C250DBF | …

[Read more]

Nov

2005

Checking password strength using md5.rednoize.com and AJAX

Posted by Marcel Oelke on Thu 10 Nov 2005 14:36 UTC
Tags:

PHP, ajax, Security, md5, password, MySQL

With some inspiration from Ben Ramsey i created a little demo for using my md5 database during the signup process on a website.

This example demonstrates the use of the MD5 database at http://md5.rednoize.com and AJAX to check password strength during signup on a website. After supplying a username and a password, a md5 hash of the password is generated using Paul Johnston's md5 javascript library.

The hash of the password (not the password itself) is then sent to http://md5.rednoize.com. If the website returns a result for the given password (hence the hash password combination is stored in the md5 database) it can be regarded as …

[Read more]

Top Authors

Oracle MySQL Blogs

Team Blogs

Vendor Blogs

Search

MySQL Links