MySQL5.7.12新密码登录方式及密码策略
MySQL5.7.12新密碼登錄方式及密碼策略
在Centos6.6上安裝MySQL5.7.12時,遇到了一個問題
安裝后在/root目錄下沒有發(fā)現(xiàn)有.mysql_secret這個文件,所以沒有沒法按照官方文檔上說的那樣使用,這里記錄下,
解決方式:
[root@test?~]#?mysqld_safe?--skip-grant-tables?&]?~]#?--19T12::.564385Z?mysqld_safe?Logging?to?--19T12::.589376Z?mysqld_safe?Starting?mysqld?daemon?with?databases?from?/var/lib/~]#??-ef?|??????:?pts/????::?/bin/?/usr/bin/mysqld_safe?--skip-grant-?????:?pts/????::?/usr/sbin/mysqld?--basedir=/usr?--datadir=/var/lib/mysql?--plugin-=/usr/lib64/mysql/plugin?--user=mysql?--skip-grant-tables?--log-error=/var/log/mysqld.log?--pid-=/var/run/mysqld/mysqld.pid?--socket=/var/lib/mysql/[root@test?~]#?mysql
成功登錄MySQL后:
切換到mysql系統(tǒng)庫:mysql>?use?mysql;修改root賬戶登錄密碼:mysql>?update?user?set?password=password('')?where?user='root'; ERROR?1054?(42S22):?Unknown?column?'password'?in?'field?list'---報錯沒有password這個數(shù)據(jù)字段列描述user表mysql>?desc?user; ...|?authentication_string??|?text??????????????????????????????|?YES??|?????|?NULL??????????????????|???????||?password_expired???????|?enum('N','Y')?????????????????????|?NO???|?????|?N?????????????????????|???????||?password_last_changed??|?timestamp?????????????????????????|?YES??|?????|?NULL??????????????????|???????||?password_lifetime??????|?smallint(5)?unsigned??????????????|?YES??|?????|?NULL??????????????????|???????||?account_locked?????????|?enum('N','Y')?????????????????????|?NO???|?????|?N?????????????????????|???????|+------------------------+-----------------------------------+------+-----+-----------------------+-------+---沒發(fā)現(xiàn)password列,但是找到這5個跟密碼相關(guān)的數(shù)據(jù)字段查詢一下相關(guān)的密碼信息:mysql>?select?user,host,authentication_string,password_expired?from?user;+-----------+-----------+-------------------------------------------+------------------+|?user??????|?host??????|?authentication_string?????????????????????|?password_expired?|+-----------+-----------+-------------------------------------------+------------------+|?root??????|?localhost?|?*9AA01F6E2A80A823ACB72CC07337E2911404B5B8?|?Y????????????????||?mysql.sys?|?localhost?|?*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE?|?N????????????????|+-----------+-----------+-------------------------------------------+------------------+---到這里不難發(fā)現(xiàn)root賬戶的密碼已過期,還比5.6多出了一個mysql.sys用戶修改密碼mysql>?update?user?set?authentication_string=password('123abc')?where?user='root'; Query?OK,?1?row?affected?(0.00?sec) Rows?matched:?1??Changed:?1??Warnings:?0mysql>?flush?privileges; Query?OK,?0?rows?affected?(0.00?sec)mysql>?exit
密碼修改成功,測試:
/etc/init.d/-?is?.-enterprise-commercial-mysql?(HY000):?You?must?reset?your?password?using?????root@?identified???(HY000):?Your?password?does??satisfy?the????@?identified???rows?affected?(?????????????information_schema??mysql???????????????performance_schema??sys?????????????????rows???(?sec)
?關(guān)于密碼策略
mysql>?SHOW?VARIABLES?LIKE?'validate_password%';+--------------------------------------+--------+|?Variable_name????????????????????????|?Value??|+--------------------------------------+--------+|?validate_password_dictionary_file????|????????||?validate_password_length?????????????|?8??????||?validate_password_mixed_case_count???|?1??????||?validate_password_number_count???????|?1??????||?validate_password_policy?????????????|?MEDIUM?||?validate_password_special_char_count?|?1??????|+--------------------------------------+--------+6?rows?in?set?(0.02?sec)?mysql>?show?plugins;+----------------------------+----------+--------------------+----------------------+-------------+|?Name???????????????????????|?Status???|?Type???????????????|?Library??????????????|?License?????|+----------------------------+----------+--------------------+----------------------+-------------+|?binlog?????????????????????|?ACTIVE???|?STORAGE?ENGINE?????|?NULL?????????????????|?PROPRIETARY?|...|?validate_password??????????|?ACTIVE???|?VALIDATE?PASSWORD??|?validate_password.so?|?PROPRIETARY?|+----------------------------+----------+--------------------+----------------------+-------------+---可以通過在配置文件[mysqld]標簽中添加?validate_passwor=off?,來關(guān)閉密碼策略如下: ...|?validate_password??????????|?DISABLED?|?VALIDATE?PASSWORD??|?validate_password.so?|?PROPRIETARY?|+----------------------------+----------+--------------------+----------------------+-------------+
總結(jié)
1)?安裝好mysql后,第一次啟動時,root管理密碼會在/root/.mysql_secret中隨機生成
2)?至5.7后,MySQL的 mysql.user 表中的密碼字段由之前的 password 改為 authentication_string
3)?使用--skip-grant-tables 參數(shù)啟動,跳過MySQL的授權(quán)驗證,--skip-networking參數(shù),跳過遠程登錄
4) 修改MySQL密碼方式:
法1:update?user?set authentication_string=password('123abc')?where?user='root';
法2:set?password=password('newpassword');
法3:alter?user?root@'localhost'?identified by?'oracle';
法4:在shell下使用MySQL工具:mysqladmin?-uroot?-poldpassword?pasword?"newpassword"
5) 關(guān)于MySQL密碼策略:
決定是否使用該插件(及強制/永久強制使用)
--validate-password=ON/OFF/FORCE/FORCE_PLUS_PERMANENT
?
validate_password_dictionary_file ? ? ? ? ??> 插件用于驗證密碼強度的字典文件路徑。
validate_password_length ? ? ? ? ? ? ? ? ? ? ? ?> 密碼最小長度。
validate_password_mixed_case_count ? ??> 密碼至少要包含的小寫字母個數(shù)和大寫字母個數(shù)。
validate_password_number_count > 密碼至少要包含的數(shù)字個數(shù)。
validate_password_policy ? ? ? ? ? ? ? ? ? ? ? ??> 密碼強度檢查等級,0/LOW、1/MEDIUM、2/STRONG。
validate_password_special_char_count ? ?> 密碼至少要包含的特殊字符數(shù)。
?
其中關(guān)于validate_password_policy-密碼強度檢查等級:
0/LOW >?只檢查長度。
1/MEDIUM ? ? ?>?檢查長度、數(shù)字、大小寫、特殊字符。
2/STRONG ? ? ?>?檢查長度、數(shù)字、大小寫、特殊字符字典文件。
后記
經(jīng)過一段時間后,發(fā)現(xiàn)mysql初始密碼原來被記錄到了日志文件中
查找日志位置 [root@test?/var/lib/mysql]#??-ef?|?????????:?pts/????::?/bin/?/usr/bin/mysqld_safe?--datadir=/var/lib/mysql?--socket=/var/lib/mysql/mysql.sock?--pid-=/var/run/mysqld/mysqld.pid?--basedir=/usr?--user=?????:?pts/????::?/usr/sbin/mysqld?--basedir=/usr?--datadir=/var/lib/mysql?--plugin-=/usr/lib64/mysql/plugin?--user=mysql?--log-error=--pid-=/var/run/mysqld/mysqld.pid?--socket=/var/lib/mysql/?????:?pts/????::??--/var/lib/mysql]#????/var/log/--17T16::.059632Z??[Note]?A?temporary?password?is?generated??root@localhost:
原文路徑:http://www.cnblogs.com/jonsea/p/5510219.html
轉(zhuǎn)載于:https://blog.51cto.com/as007012/1862244
總結(jié)
以上是生活随笔為你收集整理的MySQL5.7.12新密码登录方式及密码策略的全部內(nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 安装kilo版本openstack-da
- 下一篇: mysqlworkdbench 查看执行