Are your MySQL users using ‘password’, ‘s3cr3t’, or ‘thebossisajerk’ as their passwords? Easy-to-guess passwords can be disastrous to the security of your data, but there is a way to exclude inappropriate words or phrases from being used. The first step is to compile a list of words and phrases you want to exclude, and that […]
10 Older Entries »
The AWS KMS component is now available in Percona Server for MySQL starting from version 8.0.30. This addition enables data-at-rest encryption by utilizing the AWS KMS component, providing the functionality to create and manage cryptographic keys across AWS services.How do we set up encryption using AWS KMS?You should only load a keyring component with a […]
Managing storage and performance efficiently in your MySQL database is crucial, and general tablespaces offer flexibility in achieving this. This blog discusses general tablespaces and explores their functionalities, benefits, and practical usage, along with illustrative examples.What are MySQL general tablespaces?In contrast to the single system tablespace that holds system tables by default, general tablespaces are […]
Managing database servers involves different aspects, among which security is critical. We know that we should always grant the minimal required permissions to the different user accounts in the database, as having a user with high-level permission can lead to unexpected results, such as having an index drop affecting the system performance or even more […]
MySQL 8.0.34 brings us a new password
validation parameter. Using this, we can control the minimum
number of characters in a password that a user must change before
validate_password accepts a new password for the user’s
In this blog, I offer a few scenarios showing how the parameter
affects user password changes.
To make this work, we should enable the “Password Verification-Required Policy” (introduced in MySQL 8.0.13). We can allow it to GLOBALLY by using the parameter “password_require_current” or by specifying “PASSWORD REQUIRE CURRENT” while creating or altering the user. This topic was already explained very well by Brain Sumpter in his post, …[Read more]
The Vitess Maintainer team is pleased to announce the results of a recent third-party security audit of the Vitess code base. Vitess had previously been audited in 2019. Given the amount of time that has passed, and the magnitude of change during that time, the maintainer team decided to request a fresh audit. Starting in March 2023, an independent team from Ada Logics performed a full security audit of Vitess with a special focus on VTAdmin, which is a relatively new addition to Vitess.
Learn how the parallel index rebuild feature in MySQL 8.0.31 improves performance by optimizing index and column additions. Explore the multithreaded insert phase, sort index build process, and system configurations for enhanced efficiency.[Read more]
As a database administrator, have you ever been in a situation when your database confronted a brute force attack? A brute force attack can be launched against a user account in MySQL. MySQL replies with success or error based on supplied credentials, and the time required for the verification is almost the same in either case. Hence, an attacker can launch a brute force attack against a MySQL user account at a rapid rate and can try many different passwords.
According to cryptography, a brute-force attack consists of an attacker trying many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found.
It’s not just brute force attacks going on; the IT industry has recently seen a steady increase in distributed denial of service (DDoS) attacks. Have you also been targeted in such a type of connection flow on port …[Read more]
Discover how to troubleshoot a MySQL replica IO thread stuck in a connecting state. Learn about the replication architecture, security group rules for AWS EC2 instances, and how to address common issues like network restrictions and bind address configuration.
MySQL is a powerful database management and a widely used cloud database service. One of its key features is the ability to create replicas of a master database to improve its availability and scalability. However, at times the IO thread in a MySQL replica may get stuck in a connecting state, which can cause replication issues and affect the overall data consistency …[Read more]
Sometimes crucial data sharing is avoided because of compliance rules, organizational policies, or numerous security concerns. The common use cases involve sharing pt-mysql-summary, pt-stalk, and other OS-related details to assist Support Engineers or any other third-party team troubleshoot database-related issues.
In this context, pt-secure-collect is a very important utility from Percona, which helps capture the required information securely and also provides aid in masking the existing information.
Pt-secure-collect helps in collecting, sanitizing, and encrypting data from various sources. By default, this utility collects the output with the help of pt-stalk, pt-summary, and pt-mysql-summary.
Let’s see how this tool …[Read more]
10 Older Entries »