Install MySQL Password Validation Plugin on Linux
When thinking about security within a MySQL installation is protecting MySQL data. MySQL provides many tools and plugins in order to protect your data. Now MySQL version 5.6.4 comes with a new security plugin called Password Validation Plugin. The password should be structured and security based. In other words, to increase the security level, you require user and passwords meet at least your minimal security requirements, using the MySQL Password validation plugin.
Verify MySQL Version:
The Password validation plugin serves to test passwords and improve security. You can check the MySQL version using mention commands.
# mysql -u root -p
mysql> SHOW VARIABLES LIKE 'version%';
+-------------------------+------------------------------+
| Variable_name | Value |
+-------------------------+------------------------------+
| version | 5.6.43 |
| version_comment | MySQL Community Server (GPL) |
| version_compile_machine | x86_64 |
| version_compile_os | Linux |
+-------------------------+------------------------------+
4 rows in set (0.00 sec)
MySQL Plugin Directory:
All MySQL plugins are located on the plugin directory. To know the location of the MySQL plugin location use-mention command.
# mysql -u root -p
mysql> SHOW VARIABLES LIKE 'plugin_dir';
+---------------+--------------------------+
| Variable_name | Value |
+---------------+--------------------------+
| plugin_dir | /usr/lib64/mysql/plugin/ |
+---------------+--------------------------+
1 row in set (0.00 sec)
Restart the MySQL service.
For CentOS/RHEL 7
# systemctl restart mysql
For CentOS/RHEL 6
# service mysql restart
Install MySQL Plugin:
If validate_password plugin is not installed please use-mention command to install MySQL plugin.
# mysql -u root -p
mysql> INSTALL PLUGIN validate_password SONAME 'validate_password.so';
mysql> SELECT PLUGIN_NAME, PLUGIN_STATUS FROM INFORMATION_SCHEMA.PLUGINS WHERE PLUGIN_NAME LIKE 'validate%';
+-------------------+---------------+
| PLUGIN_NAME | PLUGIN_STATUS |
+-------------------+---------------+
| validate_password | ACTIVE |
+-------------------+---------------+
1 row in set (0.01 sec)
You can also install the plugin using adding the entry in MySQL configuration file.
# vim /etc/my.cnf
Add the mention line.
[mysqld]
plugin-load-add=validate_password.so
Verify Plugin Status:
After installing the plugin you can verify it using mention commands.
# mysql -u root -p
mysql> SHOW VARIABLES LIKE 'validate%';
+--------------------------------------+--------+
| Variable_name | Value |
+--------------------------------------+--------+
| validate_password_dictionary_file | |
| validate_password_length | 8 |
| validate_password_mixed_case_count | 1 |
| validate_password_number_count | 1 |
| validate_password_policy | MEDIUM |
| validate_password_special_char_count | 1 |
+--------------------------------------+--------+
6 rows in set (0.00 sec)
# mysql -u root -p mysql> SHOW STATUS LIKE 'validate%';
+-----------------------------------------------+---------------------+
| Variable_name | Value |
+-----------------------------------------------+---------------------+
| validate_password_dictionary_file_last_parsed | 2019-03-19 13:35:53 |
| validate_password_dictionary_file_words_count | 0 |
+-----------------------------------------------+---------------------+
2 rows in set (0.00 sec)
Uninstall MySQL Plugin:
you can simply uninstall the validate_password plugin from your MySQL server.
# mysql -u root -p
mysql> UNINSTALL PLUGIN validate_password;
If you don’t need to uninstall the plugin, then simply change the password policy of MySQL.
Enjoy it!
