List:General Discussion« Previous MessageNext Message »
From:Shawn Green Date:September 24 2012 8:40pm
Subject:Re: secure user name for MySQL account?
View as plain text  
Hello Arthur,

On 9/24/2012 4:25 PM, Arthur Fuller wrote:
> On this note, one thing that really bugs me about MySQL passwords is the
> inability to use special characters. In the SQL Server world, I let users
> choose their own passwords, but obeying these rules:
>
> It cannot be a dictionary word or sequence of words.
> It must contain at least one numeric digit.
> It must contain a mix of upper and lower case.
> It must contain at least one special character.
>
> That combination makes a password very difficult to crack. I don't know why
> MySQL falls so short in this respect.
>

MySQL continues to improve in this respect. While it's true that our 
last big security change was the enhanced password hash function 
introduced in 4.1 we have not been completely insensitive to the needs 
of our customers.  For example, check out the list of account and 
security improvements arriving in MySQL 5.6
http://dev.mysql.com/doc/refman/5.6/en/mysql-nutshell.html

In particular, the password complexity threshold can be configured using 
the new Password Validation plugin:
http://dev.mysql.com/doc/refman/5.6/en/validate-password-plugin.html

Yours,
-- 
Shawn Green
MySQL Principal Technical Support Engineer
Oracle USA, Inc. - Hardware and Software, Engineered to Work Together.
Office: Blountville, TN


Thread
secure user name for MySQL account?Rajeev Prasad24 Sep
  • Re: secure user name for MySQL account?Johan De Meersman24 Sep
    • Re: secure user name for MySQL account?Arthur Fuller24 Sep
      • Re: secure user name for MySQL account?Shawn Green24 Sep
        • Re: secure user name for MySQL account?Arthur Fuller24 Sep