MySQL Security – Failed-Login Tracking and Temporary Account Locking
May 12, 2020
MySQL 8.0 has introduced an optional behavior that authorize users to change their password only if they could provide the current password.
MySQL provides password-reuse capability, which allows database administrators to determine the number of unique passwords a user must use before they can use an old password again.
MySQL provides password-expiration capability, which enables database administrators to require that users reset their password.
MySQL has the capability of generating random passwords for user accounts, as an alternative to requiring explicit administrator-specified literal passwords.
Up to MySQL 8.0.16, to perform these tasks you could:
– Use MySQL Enterprise Backup :
– Use mysqldump
Starting with MySQL 8.0.17, the easiest and recommended method is to use the CLONE feature.
Like I stated in my previous article – MySQL InnoDB Cluster – Recovering and provisioning with mysqldump :
“As the administrator of a cluster, among others tasks, you should be able to restore failed nodes and to add (or remove) new nodes”.
Well, I still agree with myself 🙂
MySQL customers using a Commercial Edition have access to MySQL Enterprise Backup (MEB) which provide enterprise-grade physical backup and recovery for MySQL.
MEB delivers hot, online, non-blocking backups on multiple platforms including Linux, Windows, Mac & Solaris.
As the administrator of a cluster, among other tasks, you should be able to restore failed nodes and grow (or shrink) your cluster by adding (or removing) new nodes.
In MySQL, as a backup tool (and if your amount of data is not too big), you can use mysqldump a client utility that performs logical backups.
The results are SQL statements that reproduce the original schema objects and data.
For substantial amounts of data however, a physical backup solution such as MySQL Enterprise Backup is faster, particularly for the restore operation.
But this is the topic of my next blog post 🙂
MySQL 8.0 provides another way to handle JSON documents, actually in a “Not only SQL” (NoSQL) approach…
In other words, if you need/want to manage JSON documents (collections) in a non-relational manner, with CRUD (acronym for Create/Read/Update/Delete) operations then you can use MySQL 8.0!
Did you know that?
MySQL Enterprise Data Masking and De-Identification hides sensitive information by replacing real values with substitutes in order to protect sensitive data while they are still look real and consistent.