Of Stack

MySql5.6 Use validate and password plugin to strengthen password

  • 2021-01-25 08:02:02
  • OfStack

mysql 5.6 has enhanced the strength of passwords with the introduction of the validate_password plug-in. Support for password strength requirements.

Installation method:

Open in a configuration file

[mysqld] 


plugin-load=validate_password.so
validate-password=FORCE_PLUS_PERMANENT
validate_password_policy=2

And loading plugin: 


mysql>>INSTALL PLUGIN validate_password SONAME 'validate_password.so';

Can.

When creating a user password, it will not pass if it does not conform to the default rules: 


mysql>grant all on *.* to tester@'localhost' identified by 'tasssss';
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements ;

The following is to introduce mysql 5.6 password strength plug-in

In mysql 5.6, password strength has been enhanced with the introduction of the validate_password plug-in. Support for password strength requirements.

This plugin requires version 5.6.6 or above

Installation:

1. Install the plugin :(After the plugin is installed by default, the strength plugin will be enabled and closed. If relevant shutdown parameters are required in the configuration file) 


mysql>INSTALL PLUGIN validate_password SONAME 'validate_password.so';

2. Add some parameters to the configuration file: 


plugin-load=validate_password.so
validate_password_policy=2
validate-password=FORCE_PLUS_PERMANENT

3. After the above processing, you can test: 


mysql> SET PASSWORD = PASSWORD('abc');
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
mysql> SET PASSWORD = '*0D3CED9BEC10A777AEC23CCC353A8C08A633045E';

jQuery OK, 0 rows affected (0.01 sec)

4. Relevant Instructions:

(1).

validate - password = ON/OFF/FORCE/FORCE_PLUS_PERMANENT: decide whether to use the plugin (and mandatory/permanent force).

validate_password_dictionary_file: The path to the dictionary file used by the plug-in to verify password strength.

validate_password_length: Minimum password length.

validate_password_mixed_case_count: The minimum number of lowercase and uppercase letters that a password must contain.

validate_password_number_count: The minimum number of digits that a password must contain.

validate_password_policy: Password strength check level, 0/LOW, 1/MEDIUM, 2/STRONG.

validate_password_special_char_count: The minimum number of special characters that a password must contain.

validate_password_policy- Password strength check level:

0/LOW: Check length only.

1/MEDIUM: Check length, numbers, case, special characters.

2/STRONG: Check length, number, case, and special character dictionary files.

(2). Enable the installation of the plug-in:

The library object file for the plug-in should be in the directory specified by the configuration option plugin_dir.

plugin-load=validate_password.so, load the plug-in when server starts, or write plugin-load=validate_password.so to the configuration file.

You can also load the plug-in at server runtime with the following statement (it is registered in the mysql.plugins table) 


mysql> INSTALL PLUGIN validate_password SONAME 'validate_password.so';

(3). To prevent the plug-in from being deleted at run time, you can add: 


plugin-load=validate_password.so
validate-password=FORCE_PLUS_PERMANENT
Related articles: