MySQL5.7.11 -- 嚴格的密碼要求
2016.02.27
今天接著學習MySQL,前天安裝完了MySQL 5.7.11,在此基礎進一步瞭解新版本MySQL的各項改變。
5.7.11對密碼有了更嚴格的要求,分為LOW,MEDIUM,STRONG三個等級,對應要求如下:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
由於前天安裝MySQL的時候,是按照以往的5.6經驗流程,所以密碼設定都是比較一般,現在開始按照5.7.11的要求設定密碼
到此,密碼修改完成了,現在去嘗試登入,看是否是如此。
可以確定,上面的步驟全部生效了,其實說白了,就是要把密碼設定的複雜一些,就這!
今天接著學習MySQL,前天安裝完了MySQL 5.7.11,在此基礎進一步瞭解新版本MySQL的各項改變。
5.7.11對密碼有了更嚴格的要求,分為LOW,MEDIUM,STRONG三個等級,對應要求如下:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
由於前天安裝MySQL的時候,是按照以往的5.6經驗流程,所以密碼設定都是比較一般,現在開始按照5.7.11的要求設定密碼
-
[root@zhangMySQL5711 bin]# ./mysql_secure_installation //此檔案在/usr/local/mysql/bin 目錄下
-
Securing the MySQL server deployment.
-
-
Connecting to MySQL server using password in '/root/.mysql_secret' //提示使用安裝時,MySQL提供的隨機密碼
-
Error: Access denied for user 'root'@'localhost' (using password: YES)
-
[root@zhangMySQL5711 bin]# more /root/.mysql_secret
-
# Password set for user 'root@localhost' at 2016-02-24 17:49:00
-
E>_iG6u+<%dh
-
[root@zhangMySQL5711 bin]# ./mysql_secure_installation --help //help 檢視一下相關的引數選項,這裡不多解釋每一項,平時用到的也就那麼熟悉的幾項
-
./mysql_secure_installation Ver 5.7.11, for Linux on x86_64
-
Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved.
-
-
Oracle is a registered trademark of Oracle Corporation and/or its
-
affiliates. Other names may be trademarks of their respective
-
owners.
-
MySQL Configuration Utility.Usage: ./mysql_secure_installation [OPTIONS]
-
-?, --help Display this help and exit.
-
-h, --host=name Connect to host.
-
-p, --password[=name]
-
Password to connect to the server. If password is not
-
given it's asked from the tty.
-
-P, --port=# Port number to use for connection or 0 for default to, in
-
order of preference, my.cnf, $MYSQL_TCP_PORT,
-
/etc/services, built-in default (3306).
-
--protocol=name The protocol to use for connection (tcp, socket, pipe,
-
memory).
-
-S, --socket=name Socket file to be used for connection.
-
--ssl-mode=name SSL connection mode.
-
--ssl Deprecated. Use --ssl-mode instead.
-
(Defaults to on; use --skip-ssl to disable.)
-
--ssl-verify-server-cert
-
Deprecated. Use --ssl-mode=VERIFY_IDENTITY instead.
-
--ssl-ca=name CA file in PEM format.
-
--ssl-capath=name CA directory.
-
--ssl-cert=name X509 cert in PEM format.
-
--ssl-cipher=name SSL cipher to use.
-
--ssl-key=name X509 key in PEM format.
-
--ssl-crl=name Certificate revocation list.
-
--ssl-crlpath=name Certificate revocation list path.
-
--tls-version=name TLS version to use, permitted values are: TLSv1, TLSv1.1
-
-u, --user=name User for login if not root.
-
-D, --use-default Execute with no user interactivity
-
-
Default options are read from the following files in the given order:
-
/etc/my.cnf /etc/mysql/my.cnf /usr/local/mysql/etc/my.cnf ~/.my.cnf
-
The following groups are read: mysql_secure_installation mysql client
-
The following options may be given as the first argument:
-
--print-defaults Print the program argument list and exit.
-
--no-defaults Don't read default options from any option file,
-
except for login file.
-
--defaults-file=# Only read default options from the given file #.
-
--defaults-extra-file=# Read this file after the global files are read.
-
--defaults-group-suffix=#
-
Also read groups with concat(group, suffix)
-
--login-path=# Read this path from the login file.
-
-
Variables (--variable-name=value)
-
and boolean options {FALSE|TRUE} Value (after reading options)
-
--------------------------------- ----------------------------------------
-
host localhost
-
port 0
-
socket (No default value)
-
ssl TRUE
-
ssl-verify-server-cert FALSE
-
ssl-ca (No default value)
-
ssl-capath (No default value)
-
ssl-cert (No default value)
-
ssl-cipher (No default value)
-
ssl-key (No default value)
-
ssl-crl (No default value)
-
ssl-crlpath (No default value)
-
tls-version (No default value)
-
user root
-
use-default FALSE
-
[root@zhangMySQL5711 bin]# ./mysql_secure_installation -uroot -p // 嘗試登入,使用安裝後我自己的密碼:zhangmysql
-
Enter password:
-
-
Securing the MySQL server deployment.
-
-
Error: Access denied for user 'root'@'localhost' (using password: YES) //登入失敗,說明使用mysql_secure_installation方式登入,原來的密碼已經不能使用了
-
[root@zhangMySQL5711 bin]# ./mysql_secure_installation -uroot -p //再次登入,使用安裝是MySQL自己提供的隨機密碼:E>_iG6u+<%dh 登入成功!
-
Enter password:
-
-
Securing the MySQL server deployment.
-
-
-
VALIDATE PASSWORD PLUGIN can be used to test passwords //密碼驗證外掛,為了提高安全性,需要驗證密碼
-
and improve security. It checks the strength of password // 它會檢查密碼的強度
-
and allows the users to set only those passwords which are //只允許使用者設定足夠安全的密碼
-
secure enough. Would you like to setup VALIDATE PASSWORD plugin? //提示安裝密碼驗證外掛
-
-
Press y|Y for Yes, any other key for No: y
-
-
There are three levels of password validation policy: //三個等級的驗證策略
-
-
LOW Length >= 8 //最小長度大於等於8個字元
-
MEDIUM Length >= 8, numeric, mixed case, and special characters //數字,字母,特殊字元 混合,具體的應該是至少1個數字,1個字母,1個特殊字元,長度不超過32個字元
-
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file // 最嚴格,加上了,字典檔案
-
-
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2 //這裡我選擇2 MEDIUM
-
Using existing password for root.
-
-
Estimated strength of the password: 50 //這裡也是密碼強度的評級
-
Change the password for root ? ((Press y|Y for Yes, any other key for No) : y
-
-
New password: //我這裡輸入的是:Zhangmysql57
-
Re-enter new password:
-
-
Estimated strength of the password: 50
-
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y //提示要使用剛剛輸入的密碼嗎?
-
... Failed! Error: Your password does not satisfy the current policy requirements //外掛驗證不透過,不符合當前安全要求級別
-
-
New password: //我這裡輸入的是:Zhangmysql_57
-
-
Re-enter new password:
-
-
Estimated strength of the password: 100
-
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
-
By default, a MySQL installation has an anonymous user, //預設情況下,MySQL有一個匿名使用者,
-
allowing anyone to log into MySQL without having to have //這個匿名使用者,不必有一個使用者為他們建立,匿名使用者允許任何人登入到MySQL,
-
a user account created for them. This is intended only for //這只是為了方便測試使用
-
testing, and to make the installation go a bit smoother.
-
You should remove them before moving into a production //在正式環境使用的時候,建議你移除它
-
environment.
-
-
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y //提示移除匿名使用者
-
Success.
-
-
Normally, root should only be allowed to connect from //一般情況下,root使用者只允許使用"localhost"方式登入,
-
'localhost'. This ensures that someone cannot guess at // 以此確保,不能被某些人透過網路的方式訪問
-
the root password from the network.
-
-
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : n //
-
-
... skipping.
-
By default, MySQL comes with a database named 'test' that //預設情況下,MySQL資料庫中有一個任何使用者都可以訪問的test庫,
-
anyone can access. This is also intended only for testing, //這也僅僅是為了測試
-
and should be removed before moving into a production // 在正式環境下,應該移除掉
-
environment.
-
-
-
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
-
- Dropping test database...
-
Success.
-
-
- Removing privileges on test database...
-
Success.
-
-
Reloading the privilege tables will ensure that all changes //重新整理許可權表,以確保所有的修改可以立刻生效
-
made so far will take effect immediately.
-
-
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
-
Success.
-
-
All done!
- [root@zhangMySQL5711 bin]
-
[root@zhangMySQL5711 ~]# mysql -uroot -p //使用第一次安裝時候的密碼:zhangmysql
-
Enter password:
-
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
-
[root@zhangMySQL5711 ~]# mysql -uroot -p //使用 安裝MySQL要求設定的密碼 :Zhangmysql_57
-
Enter password:
-
Welcome to the MySQL monitor. Commands end with ; or \g.
-
Your MySQL connection id is 17
-
Server version: 5.7.11 Source distribution
-
-
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
-
-
Oracle is a registered trademark of Oracle Corporation and/or its
-
affiliates. Other names may be trademarks of their respective
-
owners.
-
-
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
-
-
mysql> show databases; //顯示沒有了test庫
-
+--------------------+
-
| Database |
-
+--------------------+
-
| information_schema |
-
| mysql |
-
| performance_schema |
-
| sys |
-
+--------------------+
-
4 rows in set (0.00 sec)
-
-
mysql> select user ,host from mysql.user; //root使用者只有"localhost"
-
+-----------+-----------+
-
| user | host |
-
+-----------+-----------+
-
| zhang | % |
-
| mysql.sys | localhost |
-
| root | localhost |
-
| zhang | localhost |
-
+-----------+-----------+
-
4 rows in set (0.00 sec)
-
-
mysql> GRANT ALL PRIVILEGES ON *.* TO root@"%" ;
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
mysql> GRANT ALL PRIVILEGES ON *.* TO root@"%" IDENTIFIED BY "Zhangmysql_57";
Query OK, 0 rows affected, 1 warning (0.00 sec)
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/30936525/viewspace-2016528/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- reperror()的格式有嚴格要求Error
- 專案程式碼風格要求
- 密碼安全:密碼設定要求,密碼爆破辦法,密碼歸類使用,密碼處置方案密碼
- 嚴格模式和非嚴格模式區別模式
- 嚴格模式模式
- JavaScript 中的 嚴格模式JavaScript模式
- 嚴格模式下this的指向模式
- JavaScript嚴格模式JavaScript模式
- JavaScript 嚴格模式JavaScript模式
- JS '嚴格模式'JS模式
- steam密碼怎麼設定才合格 steam密碼怎麼符合要求密碼
- js嚴格模式下的this指向,es6模組預設使用嚴格模式JS模式
- 嚴格遵循GPL的開放原始碼病毒現身 (轉)原始碼
- 嚴格模式use strict模式
- 不停要求輸入郵箱密碼如何解決密碼
- SVG九宮格密碼效果程式碼SVG密碼
- 嚴格模式下this的指向問題模式
- 使用React嚴格模式避免過時的程式碼和副作用React模式
- 正規表示式判斷密碼是否符合要求。密碼
- Oracle EM Express要求使用者名稱和密碼OracleExpress密碼
- ECMAScript嚴格模式簡介模式
- Javascript 嚴格模式詳解JavaScript模式
- JSON.parse () 的非嚴格模式JSON模式
- JavaScript嚴格模式(三)- 物件的禁止操作JavaScript模式物件
- javascript嚴格模式下eval()的變化JavaScript模式
- steam密碼格式總不對怎麼設定 steam密碼格式符合要求模版介紹密碼
- iOS-九宮格密碼解鎖iOS密碼
- JS專題之嚴格模式JS模式
- iOS專案需要的App圖示規格要求、規格大小iOSAPP
- 為什麼谷歌要執行嚴格的程式碼編寫規範谷歌
- 政府嚴格版權管理是否是開放原始碼的機會 (轉)原始碼
- iOS swift 最好用的 手勢密碼 九宮格iOSSwift密碼
- 嚴格模式對parseInt()函式的影響模式函式
- 嚴格模式下對於this指向的影響模式
- 1 函式極限的嚴格定義函式
- javascript嚴格模式下的8點規則JavaScript模式
- 破解九宮格密碼,一清即可密碼
- javascript如何設定嚴格模式的作用範圍JavaScript模式