List:General Discussion« Previous MessageNext Message »
From:Arthur Fuller Date:September 24 2012 9:52pm
Subject:Re: secure user name for MySQL account?
View as plain text  
Thanks for the update, Shawn. I'll check it out right now.

On Mon, Sep 24, 2012 at 4:40 PM, Shawn Green <shawn.l.green@stripped>wrote:

> Hello Arthur,
>
>
> On 9/24/2012 4:25 PM, Arthur Fuller wrote:
>
>> On this note, one thing that really bugs me about MySQL passwords is the
>> inability to use special characters. In the SQL Server world, I let users
>> choose their own passwords, but obeying these rules:
>>
>> It cannot be a dictionary word or sequence of words.
>> It must contain at least one numeric digit.
>> It must contain a mix of upper and lower case.
>> It must contain at least one special character.
>>
>> That combination makes a password very difficult to crack. I don't know
>> why
>> MySQL falls so short in this respect.
>>
>>
> MySQL continues to improve in this respect. While it's true that our last
> big security change was the enhanced password hash function introduced in
> 4.1 we have not been completely insensitive to the needs of our customers.
>  For example, check out the list of account and security improvements
> arriving in MySQL 5.6
>
> http://dev.mysql.com/doc/**refman/5.6/en/mysql-nutshell.**html<http://dev.mysql.com/doc/refman/5.6/en/mysql-nutshell.html>
>
> In particular, the password complexity threshold can be configured using
> the new Password Validation plugin:
>
> http://dev.mysql.com/doc/**refman/5.6/en/validate-**password-plugin.html<http://dev.mysql.com/doc/refman/5.6/en/validate-password-plugin.html>
>
> Yours,
> --
> Shawn Green
>

Thread
secure user name for MySQL account?Rajeev Prasad24 Sep
  • Re: secure user name for MySQL account?Johan De Meersman24 Sep
    • Re: secure user name for MySQL account?Arthur Fuller24 Sep
      • Re: secure user name for MySQL account?Shawn Green24 Sep
        • Re: secure user name for MySQL account?Arthur Fuller24 Sep