The Ultimate Guide to High Availability with MariaDB

simple_password_check

You are viewing an old version of this article. View the current version here.
MariaDB starting with 10.1.2

The simple_password_check plugin was introduced in MariaDB 10.1.2

Contents

  1. simple_password_check_digits
  2. simple_password_check_letters_same_case
  3. simple_password_check_minimal_length
  4. simple_password_check_other_characters
  5. Example

To enable it, run:

INSTALL SONAME 'simple_password_check.so';

simple_password_check is a password validation plugin. It can check whether a password contains at least a certain number of characters of a specific type. When first installed, a password is required to be at least eight characters, and requires at least one digit, one uppercase character, one lowercase character, and one character that is neither a digit nor a letter.

These settings can be configured using the following variables:

simple_password_check_digits

  • Description: A password must contain at least this many digits.
  • Commandline: --simple-password-check-digits=#
  • Scope: Global
  • Dynamic: Yes
  • Data Type: numeric
  • Default Value: 1
  • Range: 0 to 1000
  • Introduced: MariaDB 10.1.2

simple_password_check_letters_same_case

  • Description: A password must contain at least this many upper-case and this many lower-case letters.
  • Commandline: --simple-password-check-letters-same-case=#
  • Scope: Global
  • Dynamic: Yes
  • Data Type: numeric
  • Default Value: 1
  • Range: 0 to 1000
  • Introduced: MariaDB 10.1.2

simple_password_check_minimal_length

  • Description: A password must contain at least this many characters.
  • Commandline: --simple-password-check-minimal-length=#
  • Scope: Global
  • Dynamic: Yes
  • Data Type: numeric
  • Default Value: 8
  • Range: 0 to 1000
  • Introduced: MariaDB 10.1.2

simple_password_check_other_characters

  • Description: A password must contain at least this many characters that are neither digits nor letters.
  • Commandline: --simple-password-check-other-characters=#
  • Scope: Global
  • Dynamic: Yes
  • Data Type: numeric
  • Default Value: 1
  • Range: 0 to 1000
  • Introduced: MariaDB 10.1.2

These variables can be set on the command line or from the my.cnf file. They can also be modified with the SQL SET GLOBAL statement.

Example

When creating a new password, if the criteria are not met, the following error is returned:

SET PASSWORD FOR 'bob'@'%.loc.gov' = PASSWORD('abc');
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

Comments

Comments loading...
Content reproduced on this site is the property of its respective owners, and this content is not reviewed in advance by MariaDB. The views, information and opinions expressed by this content do not necessarily represent those of MariaDB or any other party.