MySQL 8.0.34 brings us a new password
validation parameter. Using this, we can control the minimum
number of characters in a password that a user must change before
validate_password accepts a new password for the user’s
account.
In this blog, I offer a few scenarios showing how the parameter
validate_password.changed_characters_percentage
affects user password changes.
Requirement
To make this work, we should enable the “Password Verification-Required Policy” (introduced in MySQL 8.0.13). We can allow it to GLOBALLY by using the parameter “password_require_current” or by specifying “PASSWORD REQUIRE CURRENT” while creating or altering the user. This topic was already explained very well by Brain Sumpter in his post, …
[Read more]