PDF (A4) - 41.3Mb
Man Pages (TGZ) - 262.8Kb
Man Pages (Zip) - 368.8Kb
Info (Gzip) - 4.1Mb
Info (Zip) - 4.1Mb
Database administrators should use the following guidelines to keep passwords secure.
MySQL stores passwords for user accounts in themysql.user system table. Access to this table should never be granted to any nonadministrative accounts.
Account passwords can be expired so that users must reset them. SeeSection 8.2.15, “Password Management”, andSection 8.2.16, “Server Handling of Expired Passwords”.
Thevalidate_password plugin can be used to enforce a policy on acceptable password. SeeSection 8.4.4, “The Password Validation Component”.
A user who has access to modify the plugin directory (the value of theplugin_dir system variable) or themy.cnf file that specifies the plugin directory location can replace plugins and modify the capabilities provided by plugins, including authentication plugins.
Files such as log files to which passwords might be written should be protected. SeeSection 8.1.2.3, “Passwords and Logging”.
PDF (A4) - 41.3Mb
Man Pages (TGZ) - 262.8Kb
Man Pages (Zip) - 368.8Kb
Info (Gzip) - 4.1Mb
Info (Zip) - 4.1Mb