Planet MySQL Planet MySQL: Meta Deutsch Español Français Italiano 日本語 Русский Português 中文
Showing entries 1 to 10 of 17 7 Older Entries

Displaying posts with tag: password (reset)

MySQL Password Security Changes for PHP Developers
Employee +1 Vote Up -0Vote Down

MySQL 5.7 introduced many new facets to password security. The first thing most notice is that you are assigned a random root password at installation time. You then have to search the log file for this random password, use it to login, and then change it. For the examples on the post I am using a fresh install of 5.7.13 on Oracle Linux 7.1 and was provided with the easy to remember password of nLvQRk7wq-NY which to me looked like I forgot to hit escape when trying to get out of vim. A quick ALTER USER to change the password and you are on your way. Defaults …

  [Read more...]
Expired MySQL passwords
+0 Vote Up -0Vote Down

I was surprised to find on one of my websites the message “Connect failed: Your password has expired. To log in you must change it using a client that supports expired passwords.

Not knowing that I was using a MySQL password expiry policy I reviewed the 5.7 documentation quickly which *clearly* states “The default default_password_lifetime value is 0, which disables automatic password expiration.”.

I then proceeded to investigate further, my steps are below the following comment.

However, it is always important with MySQL …

  [Read more...]
MySQL 5.7 auto-generated root password
+1 Vote Up -0Vote Down

Hi There.

You may have noticed something different when you install a fresh copy of MySQL 5.7 either via yum or using binary source. The root password is auto-generated.
Ok and where can I find it ?

Centos
cat /var/log/mysqld.log | grep "A temporary password is generated for" | awk '{print $NF}'
Example:

[root@master ~]# cat /var/log/mysqld.log | grep "A temporary password is generated for" | awk '{print $NF}'
a3BGf#TY.pBj

Binary distribution
Once you initialization the datadir mysqld --initialize you will see the bellow log printed …




  [Read more...]
Improved ALTER USER syntax support in 5.7
+1 Vote Up -0Vote Down

Complimenting the expanded CREATE USER syntax introduced in MySQL Server 5.7.6 is more useful ALTER USER syntax.  Before MySQL Server 5.7.6, ALTER USER could only be used to expire a user’s password.  That’s pretty limited.  With changes made in MySQL Server 5.7.6, a better distinction is made between privilege-level …

  [Read more...]
Emulating roles with expanded proxy user support in 5.7.7
+2 Vote Up -0Vote Down

MySQL has provided support for proxy users since version 5.5, but the roles-like capabilities offered have been largely unnoticed until recently.  Part of that has been due to limitations on which types of accounts could leverage proxy user capabilities.  This changes with the release of MySQL Server 5.7.7 (Release …

  [Read more...]
Stop using FLUSH PRIVILEGES
+0 Vote Up -0Vote Down

Mermaids have the same probability of fixing your permission problems, but people continue believing in the FLUSH PRIVILEGES myth.I see suggesting the usage of FLUSH PRIVILEGES every time someone writes a tutorial or a solution to a problem regarding creating a new account or providing different privileges. For example, the top post on /r/mysql as of the writing of these lines, …

  [Read more...]
Dejad de usar FLUSH PRIVILEGES
+0 Vote Up -0Vote Down

Una sirena tiene las mismas probabilidades de arreglar tus problemas de permisos, la diferencia es que la gente continúa creyendo en el mito de FLUSH PRIVILEGES.Cada vez que alguien escribe un tutorial o solución a un problema relacionado con la creación de una nueva cuentas de usuario o la provisión de diferentes privilegios veo la sugerencia de utilizar FLUSH PRIVILEGES. Por ejemplo, el primer post en /r/mysql en el momento de escribir estas líneas, …

  [Read more...]
Batch mode and expired passwords
+3 Vote Up -0Vote Down

A series of related discussions triggered by difficulty in setting passwords via scripts using the mysql command-line client when an account has an expired password caused me to look into the interaction between expired passwords and batch mode, and this blog post resulted.  I …

  [Read more...]
How to change user password on MySQL
+0 Vote Up -0Vote Down

Today let’s talk about how to change MySQL user password

We can use 2 ways, 1 – mysqladmin, 2 – linguagem SQL

1. mysqladmin:

The syntax is easy:

 mysqladmin -u USER -p password NEWPASSWORD 

Let’s then change the password of ‘marcelo’ user to ’123′

mysqladmin -u marcelo -p password '123'

For this command, we have 3 problems:

. You can just change your own user

. You need SUPER PRIVILEGES to run this command

. If you share you linux user account with other users, this command will appear on historic, to avoid it we can …

  [Read more...]
One-way Password Crypting Flaws
+0 Vote Up -0Vote Down

I was talking with a client and the topic of password crypting came up. From my background as a C coder, I have a few criteria to regard a mechanism to be safe. In this case we’ll just discuss things from the perspective of secure storage, and validation in an application.

  1. use a digital fingerprint algorithm, not a hash or CRC. A hash is by nature lossy (generates evenly distributed duplicates) and a CRC is intended to identify bit errors in transmitted data, not compare potentially different data.
  2. Store/use all of the fingerprint, not just part (otherwise it’s lossy again).
  [Read more...]
Showing entries 1 to 10 of 17 7 Older Entries

Planet MySQL © 1995, 2016, Oracle Corporation and/or its affiliates   Legal Policies | Your Privacy Rights | Terms of Use

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.