In order to strengthen security, MySQL 5.7 randomly generates a password for the root user. In the error log, regarding the location of the error log, if the RPM package is installed, the default is /var/log/mysqld.log.
Generally can be set by log_error
mysql > select @@log_error ; + - -------------------+ | @@log_error | + - ------------ -------+ | / var / log / mysqld. log | + - -------------------+ 1 row in set ( 0.00 sec)
The MySQL temporary password can be obtained through the # grep “password” /var/log/mysqld.log command
2016 - 01 - 19T05: 16 : 36 .218234Z . 1 [ Note ] A Temporary password IS Generated for the root @localhost : WAQ, qR % BE2 ( . 5
After logging in to the server with this password, the password must be changed immediately, otherwise the following error will be reported:
mysql > select user (); ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement.
If you just change it to a simple password, the following error will be reported:
mysql > ALTER USER USER () IDENTIFIED BY ' 12345678 ' ; ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
This is actually related to the value of validate_password_policy.
The validate_password_policy has the following values:
Policy | Tests Performed |
---|---|
0 or LOW |
Length |
1 or MEDIUM |
Length; numeric, lowercase/uppercase, and special characters |
2 or STRONG |
Length; numeric, lowercase/uppercase, and special characters; dictionary file |
The default is 1, which is MEDIUM, so the password set at the beginning must meet the length, and must contain numbers, lowercase or uppercase letters, and special characters.
Sometimes, just for my own testing, I don’t want to set the password so complicated. For example, I just want to set the root password to 123456.
Two global parameters must be modified:
First, modify the value of the validate_password_policy parameter
mysql > set global validate_password_policy = 0 ; Query OK, 0 rows affected ( 0.00 sec)
In this way, the criterion for determining the password is based on the length of the password. This is determined by the validate_password_length parameter.
mysql > select @@validate_password_length ; + - --------------------------+ | @@validate_password_length | + - ----- ---------------------+ | 8 | + - ---------------------- ----+ 1 row in set ( 0.00 sec)
The validate_password_length parameter defaults to 8, which has a minimum limit, the minimum value is:
validate_password_number_count + validate_password_special_char_count + ( 2 * validate_password_mixed_case_count)
Among them, validate_password_number_count specifies the length of data in the password, validate_password_special_char_count specifies the length of special characters in the password, and validate_password_mixed_case_count specifies the length of upper and lower letters in the password.
The default value of these parameters is 1, so the minimum value of validate_password_length is 4. If you explicitly specify that the value of validate_password_length is less than 4, although no error will be reported, the value of validate_password_length will be set to 4. As follows:
mysql > select @@validate_password_length ; + - --------------------------+ | @@validate_password_length | + - ----- ---------------------+ | 8 | + - ---------------------- ----+ 1 row in set ( 0.00 sec) mysql > set global validate_password_length = 1 ; Query OK, 0 rows affected ( 0.00 sec) mysql > select @@validate_password_length ; + - --------------------------+ | @@validate_password_length | + - ----- ---------------------+ | 4 | + - ---------------------- ----+ 1 row in set ( 0.00 sec)
If any value of validate_password_number_count, validate_password_special_char_count, validate_password_mixed_case_count is modified, validate_password_length will be modified dynamically.
mysql > select @@validate_password_length ; + - --------------------------+ | @@validate_password_length | + - ----- ---------------------+ | 4 | + - ---------------------- ----+ 1 row in set ( 0.00 sec) mysql > select @@validate_password_mixed_case_count ; + - ------------------------------------+ | @@ validate_password_mixed_case_count | + - ------------------------------------+ | 1 | + - - ----------------------------------+ 1 row in set ( 0.00 sec) mysql > set global validate_password_mixed_case_count = 2 ; Query OK, 0 rows affected ( 0.00 sec) mysql > select @@validate_password_mixed_case_count ; + - ------------------------------------+ | @@ validate_password_mixed_case_count | + - ------------------------------------+ | 2 | + - - ----------------------------------+ 1 row in set ( 0.00 sec) mysql > select @@validate_password_length ; + - --------------------------+ | @@validate_password_length | + - ----- ---------------------+ | 6 | + - ---------------------- ----+ 1 row in set ( 0.00 sec)
Of course, the premise is that the validate_password plug-in must have been installed, and MySQL 5.7 is installed by default.
So how to verify whether the validate_password plugin is installed? You can check the following parameters, if it is not installed, the output will be empty.
mysql > SHOW VARIABLES LIKE ' validate_password% ' ; + - ------------------------------------+ -------+ | Variable_name | Value | + - ---------------------------------- --+-------+ | validate_password_dictionary_file | | | validate_password_length | 6 | | validate_password_mixed_case_count | 2 | | validate_password_number_count | 1 | | validate_password_policy | LOW | | validate_password_special_char_count | 1 | + - ------------------------------------+ -------+ 6 rows in set ( 0.00 sec)