On 9/24/2012 4:25 PM, Arthur Fuller wrote:
> On this note, one thing that really bugs me about MySQL passwords is the
> inability to use special characters. In the SQL Server world, I let users
> choose their own passwords, but obeying these rules:
> It cannot be a dictionary word or sequence of words.
> It must contain at least one numeric digit.
> It must contain a mix of upper and lower case.
> It must contain at least one special character.
> That combination makes a password very difficult to crack. I don't know why
> MySQL falls so short in this respect.
MySQL continues to improve in this respect. While it's true that our
last big security change was the enhanced password hash function
introduced in 4.1 we have not been completely insensitive to the needs
of our customers. For example, check out the list of account and
security improvements arriving in MySQL 5.6
In particular, the password complexity threshold can be configured using
the new Password Validation plugin:
MySQL Principal Technical Support Engineer
Oracle USA, Inc. - Hardware and Software, Engineered to Work Together.
Office: Blountville, TN