Activate validate_password Plugin

Recently i encounter an uprising among PHP Developers that , they must write a script additionally checking the strength of MySQL user password at creation time. So, just for note that there is ready to use plugin in MySQL named: The file location is default in plugin_dir in Linux:

mysql> select @@plugin_dir; 
| @@plugin_dir | 
| /usr/lib64/mysql/plugin/ | 
1 row in set (0,00 sec) 

List this directory:

[root@linuxsrv3 plugin]# ls daemon_example.ini debug

As you see there is a So what is the defaults of this plugin and how it works? In General if this plugin activated, User will only be able to create passwords with following specifications: 1. Greater or equal to 8 char length. 2. At least 1 number 3. At least 1 non-letter non-number (eg. #, % ,!) 4. At least 1 Upper case letter So the sample password will be: “Sh@rkp45!” or something similar. All weak passwords such as “12345” , “acbsg54” will not allowed to create:

mysql> create user "nc"@"%" identified by '12345'; 
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements 

Question is, will i be able to connect with already created user before activating plugin? Answer is: YES. So how to activate plugin. Simply add this to my.cnf file under [mysqld] catalog:

    # Password Validation # 

Restart Server. And that’s all. Force + Permanent will guarantee that plugin can not be disabled at run time or while running MySQL. If you want to change default values for this plugin Read documentation: Validate Password Plugin

Author: Shahriyar Rzayev

Azerbaijan MySQL User Group and Python user group leader. QA Engineer, bug hunter by nature and true Pythonista

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.