mysql 密碼強度規則設定
阿新 • • 發佈:2019-01-10
問題:
mysql> GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'root' WITH GRANT OPTION;
ERROR 1819 (HY000): Your password does not satisfy the current policy requiremen
【原因】
原來MySQL5.6.6版本之後增加了密碼強度驗證外掛validate_password,相關引數設定的較為嚴格。
使用了該外掛會檢查設定的密碼是否符合當前設定的強度規則,若不滿足則拒絕設定。影響的語句和函式有:create user,grant,set password,password(),old password。
【解決】
1) 檢視mysql全域性引數配置
該問題其實與mysql的validate_password_policy的值有關。
檢視一下msyql密碼相關的幾個全域性引數:
- mysql> select @@validate_password_policy;
- +----------------------------+
- | @@validate_password_policy |
- +----------------------------+
- | MEDIUM |
-
+----------------------------+
- 1 row inset (0.00 sec)
- mysql> SHOW VARIABLES LIKE'validate_password%';
- +--------------------------------------+--------+
- | Variable_name | Value |
- +--------------------------------------+--------+
- | validate_password_dictionary_file | |
-
| validate_password_length | 8 |
- | validate_password_mixed_case_count | 1 |
- | validate_password_number_count | 1 |
- | validate_password_policy | MEDIUM |
- | validate_password_special_char_count | 1 |
- +--------------------------------------+--------+
- 6 rowsinset (0.08 sec)
2)引數解釋
validate_password_dictionary_file
外掛用於驗證密碼強度的字典檔案路徑。
validate_password_length
密碼最小長度,引數預設為8,它有最小值的限制,最小值為:validate_password_number_count + validate_password_special_char_count + (2 * validate_password_mixed_case_count)
validate_password_mixed_case_count
密碼至少要包含的小寫字母個數和大寫字母個數。
validate_password_number_count
密碼至少要包含的數字個數。
validate_password_policy
密碼強度檢查等級,0/LOW、1/MEDIUM、2/STRONG。有以下取值:
Policy Tests Performed
0 or LOW Length
1 or MEDIUM Length; numeric, lowercase/uppercase, and special characters
2 or STRONG Length; numeric, lowercase/uppercase, and special characters; dictionary file
預設是1,即MEDIUM,所以剛開始設定的密碼必須符合長度,且必須含有數字,小寫或大寫字母,特殊字元。
validate_password_special_char_count
密碼至少要包含的特殊字元數。
3)修改mysql引數配置
- mysql> setglobal validate_password_policy=0;
- Query OK, 0 rows affected (0.05 sec)
- mysql>
- mysql>
- mysql> setglobal validate_password_mixed_case_count=0;
- Query OK, 0 rows affected (0.00 sec)
- mysql> setglobal validate_password_number_count=3;
- Query OK, 0 rows affected (0.00 sec)
- mysql> setglobal validate_password_special_char_count=0;
- Query OK, 0 rows affected (0.00 sec)
- mysql> setglobal validate_password_length=3;
- Query OK, 0 rows affected (0.00 sec)
- mysql> SHOW VARIABLES LIKE'validate_password%';
- +--------------------------------------+-------+
- | Variable_name | Value |
- +--------------------------------------+-------+
- | validate_password_dictionary_file | |
- | validate_password_length | 3 |
- | validate_password_mixed_case_count | 0 |
- | validate_password_number_count | 3 |
- | validate_password_policy | LOW |
- | validate_password_special_char_count | 0 |
- +--------------------------------------+-------+
- 6 rowsinset (0.00 sec)
4)修改簡單密碼:
- mysql> SETPASSWORDFOR'root'@'localhost' = PASSWORD('123');
- Query OK, 0 rows affected, 1 warning (0.00 sec)
OK了,完美解決!