MySQL is a real multi-user, multi-thread SQL database server. MySQL is implemented in a Client/Server structure. It consists of a server daemon mysqld and many different client programs and libraries. Because of its openness and Stability of the source code, and its perfect combination with the popular compilation of PHP, many websites now use it as a back-end database, making it widely used. In terms of security, each user must be given access restrictions on different databases to meet the requirements of different users. We will discuss it separately for your reference.
I. Summary of MySQL password change methods
The first thing to note is: Generally, you need to have the root permission in MySQL to change the MySQL password. In this way, you cannot change the password unless you ask the Administrator to help you modify the password.
Method 1
Use phpMyAdmin
(Graphical MySQL database management tool), this is the simplest, directly use SQL statements to modify the user table of the MySQL database, but do not forget to use the password function, insert the user using the INSERT command, modify the user's use of the update command and delete the use of the DELETE command. This section describes the user field of a data table.
Method 2
Use mysqladmin. Input
Mysqladmin-u root-P oldpassword newpasswd |
After executing this command, you need to enter the original root password, so that the root password will be changed to newpasswd. Similarly, change the root in the command to your username, and you can change your password.
Of course, if your mysqladmin cannot connect to MySQL server, or you cannot execute mysqladmin, this method is invalid, and mysqladmin cannot clear the password.
The following methods are used at the MySQL prompt and must have the root permission of MySQL:
Method 3
Mysql> insert into mysql. User (host, user, password) Values ('%', 'System', password ('manager ')); Mysql> flush privileges |
Specifically, this is to add a user with the username system and Password Manager. Be sure to use the password function, and then use flush privileges for confirmation.
Method 4
Similar to method Sany, but the replace statement is used.
Mysql> replace into mysql. User (host, user, password) Values ('%', 'system', password ('manager ')); Mysql> flush privileges |
Method 5
Use the SET Password statement
Mysql> set password for system @ "%" = PASSWORD ('manager '); |
You must also use the password () function, but do not need to use flush privileges for confirmation.
Method 6
Use the grant... identified by statement to grant permissions.
Mysql> grant usage on *. * to system @ "%" identified by 'manager '; |
Here, the password () function is unnecessary and you do not need to use flush privileges for confirmation.
Note: The password () function is used to encrypt passwords and automatically interpret them in MySQL.
Ii. How to Set access restrictions in MySQL
We use two methods to set users.
Go to the MySQL execution directory (usually c: \ mysql \ bin ). Enter mysqld-mongoware.exe and MySQL -- user = root mysql. Otherwise, you cannot add new users. Go to the mysql> prompt to perform the operation.
Suppose we want to create a super user with the username system and user password manager.
Method 1
Use the grant command for authorization. The input code is as follows:
Mysql> grant all privileges on *. * to system @ localhost identified 'Manager' with grant option; |
Display: Query OK, 0 rows affected (0.38 Sec)
Method 2
Set each permission of a user:
Mysql> insert into user Values ('localhost', 'system', password ('manager '), 'Y ', 'y', 'y '); |
For MySQL 3.22.34, there are 14 "Y" in total. The corresponding permissions are as follows (sorted by field ):
Permission |
Table column name |
Explanation |
Scope of use |
Select |
Select_priv |
Select permission is required only when a table is actually retrieved. |
Table |
Insert |
Insert_priv |
Allows you to Insert a new row into an existing table. |
Table |
Update |
Update_priv |
Allows you to update columns in the row of an existing table with new values. |
Table |
Delete |
Delete_priv |
Allow you to delete rows that meet the conditions |
Table |
Create |
Create_priv |
Allow you to create new databases and tables |
Databases, tables, or Indexes |
Drop |
Drop_priv |
Discard (delete) existing databases and tables |
Database or table |
Reload |
Reload_priv |
Allow you to tell the server to read the authorization table again |
Server Management |
Shutdown |
Shutdown_priv |
This vulnerability may be abused (by terminating the server and rejecting services from other users) |
Server Management |
Process |
Process_priv |
Allows you to view the common text of the currently executed query, including setting or changing the password for the query |
Server Management |
File |
File_priv |
Attackers can exploit this vulnerability to read any readable files from the server to the database table. |
File access on the server |
Grant |
Grant_priv |
Allow you to grant your own permissions to other users |
Database or table |
References |
References_priv |
Allows you to open and close Record Files |
Database or table |
Index |
Index_priv |
Allows you to create or discard (delete) Indexes |
Table |
Alter |
Alter_priv |
Allows you to change the table. You can rename the table to overturn the permission system. |
Table |
If you only have select, insert, update, and delete permissions when creating a user, you can only perform operations on the existing table of a database.
Next we can create the database we want to use. We can directly enter it. For example, we want to create a database named xinxiku. The following code is available:
Mysql> Create Database xinxiku; |
Display: Query OK, 1 row affected (0.00 Sec)