[Solved] ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

In order to strengthen security, MySQL 5.7 randomly generates a password for the root user. In the error log, regarding the location of the error log, if the RPM package is installed, the default is /var/log/mysqld.log.

Generally can be set by log_error

mysql >  select  @@log_error ;
 + - -------------------+ 
|  @@log_error          | 
+ - ------------ -------+ 
|  / var / log / mysqld. log  | 
+ - -------------------+ 
1 row in  set ( 0.00 sec)

The MySQL temporary password can be obtained through the # grep “password” /var/log/mysqld.log command

2016 - 01 - 19T05: 16 : 36 .218234Z . 1  [ Note ] A Temporary password IS Generated for the root @localhost : WAQ, qR % BE2 ( . 5

After logging in to the server with this password, the password must be changed immediately, otherwise the following error will be reported:

mysql >  select  user ();
ERROR 1820 (HY000): You must reset your password using ALTER  USER statement before executing this statement.

If you just change it to a simple password, the following error will be reported:

mysql >   ALTER  USER  USER () IDENTIFIED BY  ' 12345678 ' ;
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

This is actually related to the value of validate_password_policy.

The validate_password_policy has the following values:

Policy Tests Performed
0 or LOW Length
1 or MEDIUM Length; numeric, lowercase/uppercase, and special characters
2 or STRONG Length; numeric, lowercase/uppercase, and special characters; dictionary file

The default is 1, which is MEDIUM, so the password set at the beginning must meet the length, and must contain numbers, lowercase or uppercase letters, and special characters.

Sometimes, just for my own testing, I don’t want to set the password so complicated. For example, I just want to set the root password to 123456.

Two global parameters must be modified:

First, modify the value of the validate_password_policy parameter

mysql >  set global validate_password_policy = 0 ;
Query OK, 0 rows affected ( 0.00 sec)

In this way, the criterion for determining the password is based on the length of the password. This is determined by the validate_password_length parameter.

mysql >  select  @@validate_password_length ;
 + - --------------------------+ 
|  @@validate_password_length  | 
+ - ----- ---------------------+ 
|                           8  | 
+ - ---------------------- ----+ 
1 row in  set ( 0.00 sec)

The validate_password_length parameter defaults to 8, which has a minimum limit, the minimum value is:

validate_password_number_count
 + validate_password_special_char_count
 + ( 2  * validate_password_mixed_case_count)

Among them, validate_password_number_count specifies the length of data in the password, validate_password_special_char_count specifies the length of special characters in the password, and validate_password_mixed_case_count specifies the length of upper and lower letters in the password.

The default value of these parameters is 1, so the minimum value of validate_password_length is 4. If you explicitly specify that the value of validate_password_length is less than 4, although no error will be reported, the value of validate_password_length will be set to 4. As follows:

mysql >  select  @@validate_password_length ;
 + - --------------------------+ 
|  @@validate_password_length  | 
+ - ----- ---------------------+ 
|                           8  | 
+ - ---------------------- ----+ 
1 row in  set ( 0.00 sec)

mysql >  set global validate_password_length = 1 ;
Query OK, 0 rows affected ( 0.00 sec)

mysql >  select  @@validate_password_length ;
 + - --------------------------+ 
|  @@validate_password_length  | 
+ - ----- ---------------------+ 
|                           4  | 
+ - ---------------------- ----+ 
1 row in  set ( 0.00 sec)

If any value of validate_password_number_count, validate_password_special_char_count, validate_password_mixed_case_count is modified, validate_password_length will be modified dynamically.

mysql >  select  @@validate_password_length ;
 + - --------------------------+ 
|  @@validate_password_length  | 
+ - ----- ---------------------+ 
|                           4  | 
+ - ---------------------- ----+ 
1 row in  set ( 0.00 sec)

mysql >  select  @@validate_password_mixed_case_count ;
 + - ------------------------------------+ 
|  @@ validate_password_mixed_case_count  | 
+ - ------------------------------------+ 
|                                     1  | 
+ - - ----------------------------------+ 
1 row in  set ( 0.00 sec)

mysql >  set global validate_password_mixed_case_count = 2 ;
Query OK, 0 rows affected ( 0.00 sec)

mysql >  select  @@validate_password_mixed_case_count ;
 + - ------------------------------------+ 
|  @@ validate_password_mixed_case_count  | 
+ - ------------------------------------+ 
|                                     2  | 
+ - - ----------------------------------+ 
1 row in  set ( 0.00 sec)

mysql >  select  @@validate_password_length ;
 + - --------------------------+ 
|  @@validate_password_length  | 
+ - ----- ---------------------+ 
|                           6  | 
+ - ---------------------- ----+ 
1 row in  set ( 0.00 sec)

Of course, the premise is that the validate_password plug-in must have been installed, and MySQL 5.7 is installed by default.

So how to verify whether the validate_password plugin is installed? You can check the following parameters, if it is not installed, the output will be empty.

mysql > SHOW VARIABLES LIKE  ' validate_password% ' ;
 + - ------------------------------------+ -------+ 
| Variable_name                         | Value | 
+ - ---------------------------------- --+-------+ 
| validate_password_dictionary_file     |        | 
| validate_password_length              |  6      | 
| validate_password_mixed_case_count    |  2      | 
| validate_password_number_count        |  1      |
| validate_password_policy              | LOW    | 
| validate_password_special_char_count |  1      | 
+ - ------------------------------------+ -------+ 
6 rows in  set ( 0.00 sec)

Read More:

Leave a Reply

Your email address will not be published. Required fields are marked *