Skip to content
PERCONA MONITORING AND MANAGEMENT DOCUMENTATION

For help, click the link below to get free database assistance or contact our experts for personalized support.

Get help from Percona

s: There are users without passwords

Description

MySQL allows creating users with an empty string. This can lead to important security issues and should be fixed to secure your installation.

To identify user without a password:

SELECT User, Host, authentication_string FROM mysql.user where authentication_string = '';

Having accounts with empty passwords means that your MySQL installation is unprotected until you fix this issue. For more information, see Pluggable Authentication in the MySQL documentation.

Resolution

Assign a password to each MySQL root account that does not have one. To prevent clients from connecting as anonymous users without a password, you can:

Need more support from Percona?

Percona experts bring years of experience in tackling tough database performance issues and design challenges.