password_reuse_check Plugin

Overview

In 23.08 ES, 23.07 ES, 10.6 ES, 10.5 ES, 10.4 ES:

Prevent password reuse

In 10.6 CS, 10.5 CS, 10.4 CS, 10.3 ES, 10.3 CS, 10.2 ES, 10.2 CS:

Not present

USAGE

DETAILS

This plugin implements a way to prevent a user from setting a password that had been set for that user previously. This plugin does not prevent multiple users from setting the same password.

The plugin only affects a SQL statement that sets a user password using a literal password string. It cannot check the password of a SQL statement that makes use of a hashed password value.

The plugin makes use of password history records stored in the password_reuse_check_history system table. Each row in the table stores a cryptographic hash and a date. The hashed data includes information about the affected user and the password that is being set. Because it is a one-way cryptographic hash, the stored data cannot be used to extract the prior password values nor which user the historical record is associated with.

The amount of time that the historical records are kept is controlled by the password_reuse_check_interval system variable which can be set to a count of days to use for the expiration period, or to 0 to indicate that the records do not expire. The default is for the data to never expire.

SYNONYMS

SCHEMA

PARAMETERS

Type

PASSWORD VALIDATION

Maturity

Stable

Version

2.0

Auth Version

2.0

SKYSQL

Cloud

SkySQL Topology

ES Ver

Plugin Present?

AWS

Multi-Node Analytics

10.6

No

Single Node Analytics

10.6

No

Replicated Transactions

10.4

No

10.5

No

10.6

No

Single Node Transactions

10.4

No

10.5

No

10.6

No

GCP

Multi-Node Analytics

10.6

No

Single Node Analytics

10.6

No

Replicated Transactions

10.4

No

10.5

No

10.6

No

Single Node Transactions

10.4

No

10.5

No

10.6

No

Cloud

SkySQL Topology

ES Ver

Plugin Present?

AWS

ColumnStore Data Warehouse

10.6

No

Enterprise Server With Replica(s)

10.4

No

10.5

No

10.6

No

Enterprise Server Single Node

10.4

No

10.5

No

10.6

No

GCP

ColumnStore Data Warehouse

10.6

No

Enterprise Server With Replica(s)

10.4

No

10.5

No

10.6

No

Enterprise Server Single Node

10.4

No

10.5

No

10.6

No

PRIVILEGES

EXAMPLES

ERROR HANDLING

FEATURE INTERACTION

RESPONSES

DIAGNOSIS

ISO 9075:2016

CHANGE HISTORY

Release Series

History

23.08 Enterprise

  • Present starting in MariaDB Enterprise Server 23.08.0.

23.07 Enterprise

  • Present starting in MariaDB Enterprise Server 23.07.0.

10.6 Enterprise

  • Added in MariaDB Enterprise Server 10.6.8-4.

  • Version changed in MariaDB Enterprise Server 10.6.9-5 from 1.0 to 2.0

  • Auth version changed in MariaDB Enterprise Server 10.6.9-5 from 1.0 to 2.0

  • Maturity changed in MariaDB Enterprise Server 10.6.11-6 from Gamma to Stable

10.6 Community

  • Not present.

10.5 Enterprise

  • Added in MariaDB Enterprise Server 10.5.16-11.

  • Version changed in MariaDB Enterprise Server 10.5.17-12 from 1.0 to 2.0

  • Auth version changed in MariaDB Enterprise Server 10.5.17-12 from 1.0 to 2.0

  • Maturity changed in MariaDB Enterprise Server 10.5.18-13 from Gamma to Stable

10.5 Community

  • Not present.

10.4 Enterprise

  • Added in MariaDB Enterprise Server 10.4.25-16.

  • Version changed in MariaDB Enterprise Server 10.4.26-17 from 1.0 to 2.0

  • Auth version changed in MariaDB Enterprise Server 10.4.26-17 from 1.0 to 2.0

  • Maturity changed in MariaDB Enterprise Server 10.4.27-18 from Gamma to Stable

10.4 Community

  • Not present.

10.3 Enterprise

  • Not present.

10.3 Community

  • Not present.

10.2 Enterprise

  • Not present.

10.2 Community

  • Not present.

Release Series

History

23.08 Enterprise

  • Present starting in MariaDB Enterprise Server 23.08.0.

23.07 Enterprise

  • Present starting in MariaDB Enterprise Server 23.07.0.

10.6 Enterprise

  • Added in MariaDB Enterprise Server 10.6.8-4.

  • Version changed in MariaDB Enterprise Server 10.6.9-5 from 1.0 to 2.0

  • Auth version changed in MariaDB Enterprise Server 10.6.9-5 from 1.0 to 2.0

  • Maturity changed in MariaDB Enterprise Server 10.6.11-6 from Gamma to Stable

10.5 Enterprise

  • Added in MariaDB Enterprise Server 10.5.16-11.

  • Version changed in MariaDB Enterprise Server 10.5.17-12 from 1.0 to 2.0

  • Auth version changed in MariaDB Enterprise Server 10.5.17-12 from 1.0 to 2.0

  • Maturity changed in MariaDB Enterprise Server 10.5.18-13 from Gamma to Stable

10.4 Enterprise

  • Added in MariaDB Enterprise Server 10.4.25-16.

  • Version changed in MariaDB Enterprise Server 10.4.26-17 from 1.0 to 2.0

  • Auth version changed in MariaDB Enterprise Server 10.4.26-17 from 1.0 to 2.0

  • Maturity changed in MariaDB Enterprise Server 10.4.27-18 from Gamma to Stable

EXTERNAL REFERENCES