Skip to content
PERCONA MONITORING AND MANAGEMENT DOCUMENTATION

For help, click the link below to get free database assistance or contact our experts for personalized support.

Get help from Percona

Policy-based password validation does not perform dictionary checks

Description

When users create weak passwords (for example, ‘password’ or ‘abcd’) it compromises the security of the server, making it easier for unauthorized people to guess the password and gain access to the server.

Starting with MySQL Server 5.6, MySQL offers the ‘validate_password’ plugin that can be used to test passwords and improve security. With this plugin you can implement and enforce a policy for password strength (e.g. passwords must be at least 8 characters long, have both lowercase and uppercase letters, contain at least one special non alphanumeric character, and do not match commonly-used words.

Resolution

Adopt more complex passwords, implement validate_password_policy at least MEDIUM value.

Need more support from Percona?

Percona experts bring years of experience in tackling tough database performance issues and design challenges.