Dual-password capability makes it possible to seamlessly perform credential changes without downtime.
DBAs can configure user accounts so that too many consecutive login failures cause temporary account locking.
The post MySQL Security – Failed-Login Tracking and Temporary Account Locking first appeared on dasini.net - Diary of a MySQL experts.
MySQL 8.0 introduced an optional behavior that allows users to change their password only if they can provide the current password.
The post MySQL Security – Password Verification-Required Policy first appeared on dasini.net - Diary of a MySQL experts.
MySQL Enterprise Data Masking and De-Identification hides sensitive information by replacing real values with substitutes, protecting sensitive data while the substitutes still look real and consistent.
Requirement 6 of PCI DSS v1.2 states that in order to be compliant, an organization must: “Develop and maintain secure systems and applications” “Unscrupulous individuals use security vulnerabilities to gain privileged access to systems. Many of these vulnerabilities are fixed by vendor-provided security patches, which must be installed by the entities that manage the [...]
Requirement 4 of PCI DSS v1.2 states that we must: “Encrypt transmission of cardholder data across open, public networks” Specifically, “Sensitive information must be encrypted during transmission over networks that are easily accessed by malicious individuals. Misconfigured wireless networks and vulnerabilities in legacy encryption and authentication protocols can be continued targets of malicious individuals who [...]
Requirement 3 of the PCI DSS v1.2 is: “Protect Stored Cardholder Data” As vague as that sounds, the PCI DSS enumerates exactly what that covers:
Data Element | Storage Permitted | Protection Required | PCI DSS Req 3.4
Primary Account Number | Yes | Yes | Yes
Cardholder Name* | Yes | Yes | No
Service Code* | Yes | Yes | No
Expiration Date* | Yes | Yes | [...]