ERROR 1819 (HY000): Your password does not satisfy the current policy requirements, hy000satisfy

ERROR 1819 (HY000): Your password does not satisfy the current policy requirements, hy000satisfy

To enhance security, MySQL5.7 randomly generates a password for the root user. In the error log, for the location of the error log, if the RPM package is installed, the default value is/var/log/mysqld. log.

Generally, you can set it through log_error.

mysql> select @@log_error;+---------------------+| @@log_error         |+---------------------+| /var/log/mysqld.log |+---------------------+1 row in set (0.00 sec)

You can use the # grep "password"/var/log/mysqld. log command to obtain the temporary password of MySQL.

2016-01-19T05:16:36.218234Z 1 [Note] A temporary password is generated for root@localhost: waQ,qR%be2(5

After logging on to the server with this password, you must change the password immediately. Otherwise, the following error will be reported:

mysql> select user();ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement.

If you change the password to a simple one, the following error will be reported:

mysql>  ALTER USER USER() IDENTIFIED BY '12345678';ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

This is actually related to the value of validate_password_policy.

Validate_password_policy has the following values:

Policy	Tests saved med
0OrLOW	Length
1OrMEDIUM	Length; numeric, lowercase/uppercase, and special characters
2OrSTRONG	Length; numeric, lowercase/uppercase, and special characters; dictionary file

The default value is 1, that is, MEDIUM. Therefore, the Password Must Meet the length and contain numbers, lowercase letters or uppercase letters, and special characters.

Sometimes, I only want to test the password for myself and don't want it to be so complicated. For example, I just want to set the root password to 123456.

You must modify two global parameters:

First, modify the value of the validate_password_policy parameter.

mysql> set global validate_password_policy=0;Query OK, 0 rows affected (0.00 sec)

In this way, the password determination criteria are based on the password length. This is determined by the validate_password_length parameter.

mysql> select @@validate_password_length;+----------------------------+| @@validate_password_length |+----------------------------+|                          8 |+----------------------------+1 row in set (0.00 sec)

The default value of the validate_password_length parameter is 8. It has the following minimum values:

validate_password_number_count+ validate_password_special_char_count+ (2 * validate_password_mixed_case_count)

Validate_password_number_count specifies the length of data in the password, validate_password_special_char_count specifies the length of special characters in the password, and validate_password_mixed_case_count specifies the length of medium and small letters in the password.

The default values of these parameters are 1, so the minimum value of validate_password_length is 4. If you explicitly specify that the value of validate_password_length is smaller than 4, although no error is reported, the value of validate_password_length is set to 4. As follows:

mysql> select @@validate_password_length;+----------------------------+| @@validate_password_length |+----------------------------+|                          8 |+----------------------------+1 row in set (0.00 sec)mysql> set global validate_password_length=1;Query OK, 0 rows affected (0.00 sec)mysql> select @@validate_password_length;+----------------------------+| @@validate_password_length |+----------------------------+|                          4 |+----------------------------+1 row in set (0.00 sec)

If you modify any value in validate_password_number_count, validate_password_special_char_count, and validate_password_mixed_case_count, validate_password_length is dynamically modified.

mysql> select @@validate_password_length;+----------------------------+| @@validate_password_length |+----------------------------+|                          4 |+----------------------------+1 row in set (0.00 sec)mysql> select @@validate_password_mixed_case_count;+--------------------------------------+| @@validate_password_mixed_case_count |+--------------------------------------+|                                    1 |+--------------------------------------+1 row in set (0.00 sec)mysql> set global validate_password_mixed_case_count=2;Query OK, 0 rows affected (0.00 sec)mysql> select @@validate_password_mixed_case_count;+--------------------------------------+| @@validate_password_mixed_case_count |+--------------------------------------+|                                    2 |+--------------------------------------+1 row in set (0.00 sec)mysql> select @@validate_password_length;+----------------------------+| @@validate_password_length |+----------------------------+|                          6 |+----------------------------+1 row in set (0.00 sec)

Of course, the premise is that the validate_password plug-in must have been installed, and MySQL5.7 is installed by default.

How can I verify whether the validate_password plug-in is installed? You can view the following parameters. If not installed, the output is blank.

mysql> SHOW VARIABLES LIKE 'validate_password%';+--------------------------------------+-------+| Variable_name                        | Value |+--------------------------------------+-------+| validate_password_dictionary_file    |       || validate_password_length             | 6     || validate_password_mixed_case_count   | 2     || validate_password_number_count       | 1     || validate_password_policy             | LOW   || validate_password_special_char_count | 1     |+--------------------------------------+-------+6 rows in set (0.00 sec)