MySQL Gotchas
If you choose one of the higher settings, such as Medium, it will add requirements such as a special character. The step from Low to Medium adds a significant amount of complexity, and this additional requirement might be too much. I have found in my testing that special characters can cause an issue with logging in and I recommend disabling this if you decide to use Medium. The additional upper, lower and numerical requirements in the password, along with a longer password, will meet these requirements. To disable a specific requirement for a password policy once it has been set, you can modify the configuration file. Open it with the following command.
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
Find the mysqld header and add the following two lines under it.
[mysqld]
plugin-load-add=validate_password.so
validate_password.special_char_count = 0
To change the running value on the server, execute this query.
SET GLOBAL validate_password.special_char_count = 0;
To see your existing policies, you can execute this query on your server.
SHOW VARIABLES LIKE 'validate_password%';
It will return a set of results similar to this. You can see the value we set in the
Password policy options
SET GLOBAL validate_password.policy = 0; -- For LOW
LOW policy tests password length only. Passwords must be at least 8 characters long.
SET GLOBAL validate_password.policy = 1; -- For MEDIUM
MEDIUM policy adds the conditions that passwords must contain at least 1 numeric character, 1 lowercase character, 1 uppercase character, and 1 special (nonalphanumeric) character.
SET GLOBAL validate_password.policy = 2; -- For STRONG
STRONG policy adds the condition that password substrings of length 4 or longer must not match words in the dictionary file, if one has been specified.
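The following Python sketch is an added example, not code from this post or from MySQL: it models the LOW, MEDIUM and STRONG rules as described above so that generated passwords can be pre-checked offline, and it shows what setting special_char_count to 0 changes. The field defaults, the sample passwords and the one-word dictionary are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Policy levels as numbered on this page: 0 = LOW, 1 = MEDIUM, 2 = STRONG.
LOW, MEDIUM, STRONG = 0, 1, 2

@dataclass
class Policy:
    """Offline model of the validate_password settings (not MySQL's own code)."""
    policy: int = MEDIUM
    length: int = 8               # minimum length stated for LOW
    number_count: int = 1         # assumed default: 1 digit
    mixed_case_count: int = 1     # assumed default: 1 lowercase and 1 uppercase
    special_char_count: int = 1   # set to 0 to mirror the change on this page
    dictionary: frozenset = frozenset()  # constructed word list, lowercase

def violations(password: str, p: Policy) -> list[str]:
    """Return the rules the password breaks; an empty list means accepted."""
    failed = []
    if len(password) < p.length:
        failed.append("length")
    if p.policy >= MEDIUM:
        counts = {
            "number": sum(c.isdigit() for c in password),
            "lowercase": sum(c.islower() for c in password),
            "uppercase": sum(c.isupper() for c in password),
            "special": sum(not c.isalnum() for c in password),
        }
        required = {
            "number": p.number_count,
            "lowercase": p.mixed_case_count,
            "uppercase": p.mixed_case_count,
            "special": p.special_char_count,
        }
        failed += [rule for rule, need in required.items() if counts[rule] < need]
    if p.policy >= STRONG and p.dictionary:
        lowered = password.lower()
        # STRONG: no substring of length 4 or longer may be a dictionary word.
        if any(lowered[i:j] in p.dictionary
               for i in range(len(lowered))
               for j in range(i + 4, len(lowered) + 1)):
            failed.append("dictionary")
    return failed

if __name__ == "__main__":
    relaxed = Policy(special_char_count=0)
    for candidate in ("Winter2024Deploy", "alllowercase123", "Sh0rt"):  # constructed
        print(candidate, violations(candidate, Policy()), violations(candidate, relaxed))
```
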