Introduction
Previously did not pay too much attention to the configuration of the MySQL password security policy, just to set the password as a complex password, but did not find the configuration method, today Kang's public number just released a article about this, so here also by the way write down. First this feature is introduced in the MySQL version after 5.5, the default source installation and binary installation are not enabled for this feature, if you do not turn on the feature set simple password MySQL just will give hints but still will be allowed to pass.
Enabling features
In the my.cnf file, add
plugin-load=validate_password.so Validate-password=force_plus_permanent
Analysis function
like ' validate% ';
1. Validate_password_policy
Represents the password policy that can be configured with the following values: Default is Medium
0 or Low only required password length (specified by parameter validate_password_length) 1 or The MEDIUM meets the low strategy and also needs to have at least 1 digits, lowercase letters, uppercase letters, and special characters 2 or file) in
2.validate_password_dictionary_file
A dictionary file for configuring passwords that can be configured with a password dictionary file when Validate_password_policy is set to strong, and passwords that exist in the dictionary file must not be used.
3.validate_password_length
To set the minimum length of the password, the default value is 8 min is 0
4.validate_password_mixed_case_count
When Validate_password_policy is set to Medium or strong, the minimum number of lowercase and uppercase letters in the password is at least 1 and the default is 0; The default is to have at least one lowercase and one uppercase letter.
5.validate_password_number_count
When Validate_password_policy is set to Medium or strong, the minimum number of digits in the password, the default 1 min is 0
6.validate_password_special_char_count
When Validate_password_policy is set to Medium or strong, the number of special characters at least in the password, the default 1 minimum is 0
Test
The first password is not long enough and has no capital letters, the second password is long enough but there is no capital letter
Reference Link: http://mp.weixin.qq.com/s?__biz=MjM5MjIxNDA4NA==&mid=2649737686&idx=1&sn= C92874c88ff8e07a199d5ef81fbae359&scene=23&srcid=0701fj032ojwrfev9edsm10s#rd
Summary
Increasing the complexity of the password requires a significant improvement in the security of the system, especially if the online system is very necessary to enable this feature.
Note: pursuer.chen Blog:http://www.cnblogs.com/chenmh This site all the essays are original, welcome to reprint, but reprint must indicate the source of the article, and at the beginning of the article clearly give the link. Welcome to the exchange of discussions |
MySQL Password Enhancement Plugin