Best IT Recipes

How to disable mysql password verification?

It seems that I may have accidentally downloaded the password verification plugin in MySQL 5.7. This plugin seems to force all passwords to obey certain rules.

I would like to disable this.

I tried to change the validate_password_length variable, as suggested here , to no avail.

mysql> SET GLOBAL validate_password_length=4; Query OK, 0 rows affected (0.00 sec) mysql> SET PASSWORD FOR 'app' = PASSWORD('abcd'); ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

I would like to unload the plugin or it somehow.

+131
mysql
Mar 30 '16 at 6:17
source share
11 answers

Here is what I do to remove the password verification plugin:

  1. Log in to mysql server as root. mysql -h localhost -u root -p
  2. Run the following sql command: uninstall plugin validate_password;

I would not recommend this solution for a production system. I used this solution on a local mysql instance for development purposes only.

+390
Jul 23 '16 at 5:51
source share
β€” -

Based on the answer from Sharfi, edit the /etc/my.cnf file and add only one line:

 validate_password_policy=LOW

This should sufficiently neutralize validation, as required by AF. You might want to restart mysqld after this change. Depending on your OS, it will look something like this:

 sudo service mysqld restart

validate_password_policy accepts either 0, 1, or 2, or the words LOW, MEDIUM, and STRONG that correspond to these numbers. The default value is MEDIUM (1), which requires that passwords contain at least one uppercase letter, one lowercase letter, one digit and one special character, and the total password length is at least 8 characters. Changing to LOW, as I suggest here, will only check the length, which, if it has not been changed using other parameters, will check the length 8. If you want to reduce this length limit, you can also add validate_password_length to my.cnf.

For more information on levels and details, see MySQL Document .



For MySQL 8, the property has been changed from "validate_password_policy" to "validate_password.policy". See the updated MySQL documentation for the latest information.

+32
Feb 28 '17 at 10:41
source share

I am using MySQL v 8.0.12, and the command to disable the password verification component:

 UNINSTALL COMPONENT 'file://component_validate_password';

To install it again, the command:

 INSTALL COMPONENT 'file://component_validate_password';

If you just want to change the password verification plugin policy:

 SET GLOBAL validate_password.policy = 0; // For LOW SET GLOBAL validate_password.policy = 1; // For MEDIUM SET GLOBAL validate_password.policy = 2; // For HIGH
+22
Jul 28 '18 at 23:10
source share

To disable password checks in mariadb-10.1.24 (Fedora 24), I had to comment out the line in the /etc/my.cnf.d/cracklib_password_check.cnf file:

 ;plugin-load-add=cracklib_password_check.so

then restart the mariadb service:

 systemctl restart mariadb.service
+6
Jun 21 '17 at 18:53 on
source share

You can configure this in the mysql configuration file, /etc/my.cnf file /etc/my.cnf In this file, all lines that configure the password policy do those that are commented out as

 #validate-password=FORCE_PLUS_PERMANENT #validate_password_length=10 #validate_password_mixed_case_count=1 #validate_password_number_count=1 #validate_password_policy=MEDIUM

Uncomment and change the value of the properties you want to change.

+3
Sep 23 '16 at 10:55
source share

If you want to make exceptions, you can apply the following "hack". This requires a user with DELETE and INSERT for the mysql.plugin system table.

 uninstall plugin validate_password; SET PASSWORD FOR 'app' = PASSWORD('abcd'); INSTALL PLUGIN validate_password SONAME 'validate_password.so';

Blueprint Disclaimer: Think about why you are making your password shorter or easier, and perhaps consider replacing it with a more complex one. However, I understand the points β€œit's 3AM and you just need to work,” just make sure that you do not create a hack system so that you yourself are not hacked.

+2
Mar 10 '17 at 20:57
source share

In addition to the answer from ktbos:

I changed the mysqld.cnf file and mysql could not start. It turned out that I was editing the wrong file!

Therefore, make sure that the file you are modifying contains segment tags such as [mysqld_safe] and [mysqld]. With the latter, I did as suggested, and added the line:

 validate_password_policy=LOW

This worked perfectly to solve my problem without requiring special characters in the password.

+2
May 30 '17 at 10:22
source share

I had a problem on Ubuntu 18.04 on Mysql. When I needed to create a new user, the policy was always high.

The way I figured out how to turn off was set to low for future colleagues who come to research.

Log in to the MySQL server as root

 mysql -h localhost -u root -p

Set a new type of check

 SET GLOBAL validate_password_policy=0; //For Low

Restart MySQL

 sudo service mysql restart
0
Jul 29 '18 at 18:23
source share
 CREATE USER 'username'@'localhost' IDENTIFIED BY 'password'; GRANT ALL PRIVILEGES ON *.* TO 'organizer'@'localhost' WITH GRANT OPTION; CREATE USER 'username'@'%' IDENTIFIED BY 'password'; GRANT ALL PRIVILEGES ON *.* TO 'organizer'@'%' WITH GRANT OPTION; FLUSH PRIVILEGES;

no need to stop / start MySQL

0
Jan 21 '19 at 19:41
source share

Removal:

 mysql> uninstall plugin validate_password;

An uninstalled plugin does not appear in show plugins;

Installation:

 mysql> install plugin validate_password SONAME 'validate_password.so';

Disabled by configuration:

 [mysqld] validate_password = OFF

The plugin can be disabled by configuration only if it is installed.

0
May 31 '19 at 12:38
source share

For mysql 8.0.7, change to the mysql directory and use:

 sudo bin/mysql_secure_installation

configure password option.

-one
Aug 08 '18 at 9:50
source share


More articles:


All Articles