{"id":2177,"date":"2018-03-14T15:03:39","date_gmt":"2018-03-14T14:03:39","guid":{"rendered":"http:\/\/dasini.net\/blog\/?p=2177"},"modified":"2020-05-27T07:44:34","modified_gmt":"2020-05-27T06:44:34","slug":"mysql-security-user-account-locking","status":"publish","type":"post","link":"https:\/\/dasini.net\/blog\/2018\/03\/14\/mysql-security-user-account-locking\/","title":{"rendered":"MySQL Security &#8211; User Account Locking"},"content":{"rendered":"<p><span style=\"color: #3366ff;\">If you are using <strong>MySQL 8.0<\/strong>, I would recommend you to read :<strong> <a style=\"color: #3366ff;\" title=\"MySQL Security \u2013 Failed-Login Tracking and Temporary Account Locking\" href=\"http:\/\/dasini.net\/blog\/2020\/05\/12\/mysql-security-failed-login-tracking-and-temporary-account-locking\/\" target=\"_blank\" rel=\"noopener noreferrer\">MySQL Security \u2013 Failed-Login Tracking and Temporary Account Locking<\/a><\/strong><\/span><\/p>\n<hr \/>\n<p>When thinking about security within a MySQL installation, you should consider a wide range of possible procedures \/ best practices and how they affect the security of your MySQL server and related applications. MySQL provides many tools \/ features \/ plugins in order to protect your data including some advanced features like <a href=\"http:\/\/dasini.net\/blog\/2018\/04\/10\/mysql-security-mysql-enterprise-transparent-data-encryption\/\" target=\"_blank\" rel=\"noopener noreferrer\">Transparent Data Encryption aka TDE<\/a>,\u00a0<a href=\"http:\/\/dasini.net\/blog\/2018\/04\/04\/mysql-security-mysql-enterprise-audit\/\" target=\"_blank\" rel=\"noopener noreferrer\">Audit<\/a>, <a href=\"http:\/\/dasini.net\/blog\/2019\/03\/19\/mysql-security-mysql-enterprise-data-masking-and-de-identification\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Data Masking &amp; De-Identification (opens in a new tab)\">Data Masking &amp; De-Identification<\/a>, <a href=\"http:\/\/dasini.net\/blog\/2018\/04\/16\/mysql-security-mysql-enterprise-firewall\/\" target=\"_blank\" rel=\"noopener noreferrer\">Firewall<\/a>, <a href=\"http:\/\/dasini.net\/blog\/2018\/03\/07\/mysql-security-password-management\/\" target=\"_blank\" rel=\"noopener noreferrer\">Password Management<\/a>, <a href=\"http:\/\/dasini.net\/blog\/2018\/03\/01\/mysql-security-password-validation-plugin\/\" target=\"_blank\" rel=\"noopener noreferrer\">Password Validation Plugin<\/a>, <a href=\"http:\/\/dasini.net\/blog\/2018\/03\/29\/mysql-security-the-connection-control-plugins\/\" target=\"_blank\" rel=\"noopener noreferrer\">The Connection-Control Plugins<\/a>, etc&#8230;<\/p>\n<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"aligncenter\" src=\"https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/MySQL_DB_Lock2.png?resize=169%2C179\" alt=\"MySQL Security\" width=\"169\" height=\"179\" \/><\/p>\n<p>For security reasons some context require you to setup a <a href=\"https:\/\/dev.mysql.com\/doc\/mysql-security-excerpt\/5.7\/en\/account-locking.html\" target=\"_blank\" rel=\"noopener noreferrer\">user account locking<\/a> policy. Thus an <strong>unauthorized user is not able <\/strong>(<strong>anymore<\/strong>)<strong> to login<\/strong> to the MySQL server. In this 3rd article of the\u00a0<strong>MySQL Security<\/strong> series, we\u00a0will see how to [un]lock a user account.<\/p>\n<h2>User Account Locking<\/h2>\n<p>MySQL supports locking and unlocking user accounts using the ACCOUNT LOCK and ACCOUNT UNLOCK clauses for the <a href=\"https:\/\/dev.mysql.com\/doc\/refman\/5.7\/en\/create-user.html\" target=\"_blank\" rel=\"noopener noreferrer\">CREATE USER<\/a> and <a href=\"https:\/\/dev.mysql.com\/doc\/refman\/5.7\/en\/alter-user.html\" target=\"_blank\" rel=\"noopener noreferrer\">ALTER USER<\/a> statements:<\/p>\n<ul>\n<li>When used with CREATE USER, these clauses specify the initial locking state for a new account. In the absence of either clause, the account is created in an unlocked state.<\/li>\n<li>When used with ALTER USER, these clauses specify the new locking state for an existing account. In the absence of either clause, the account locking state remains unchanged.<\/li>\n<\/ul>\n<p>So let&rsquo;s create a user <em>batchman<\/em>\u00a0{ not this <a href=\"https:\/\/goo.gl\/images\/b1YLNX\" target=\"_blank\" rel=\"noopener noreferrer\">one<\/a>\u00a0\ud83d\ude42 } with all privileges on <em><a href=\"https:\/\/dev.mysql.com\/doc\/sakila\/en\/\" target=\"_blank\" rel=\"noopener noreferrer\">sakila<\/a><\/em> database:<\/p>\n<pre class=\"lang:mysql decode:true \">mysql&gt; \nselect VERSION();\n+-----------+\n| version() |\n+-----------+\n| 5.7.21    |\n+-----------+\n\nCREATE USER batchman@localhost IDENTIFIED BY 'p4s5W0%d';\n\nGRANT ALL ON sakila.* TO batchman@localhost;<\/pre>\n<p>Account locking state is recorded in the <em>account_locked<\/em> column of the <em>mysql.user<\/em> table:<\/p>\n<pre class=\"lang:mysql decode:true\">mysql&gt; \nSELECT user, host, account_locked FROM mysql.user WHERE user = 'batchman'\\G\n*************************** 1. row ***************************\n          user: batchman\n          host: localhost\naccount_locked: N\n<\/pre>\n<p>The output from <a href=\"https:\/\/dev.mysql.com\/doc\/refman\/5.7\/en\/show-create-user.html\" target=\"_blank\" rel=\"noopener noreferrer\">SHOW CREATE USER<\/a> indicates whether an account is locked or unlocked:<\/p>\n<pre class=\"lang:mysql decode:true\">mysql&gt; \nSHOW CREATE USER batchman@localhost\\G\n*************************** 1. row ***************************\nCREATE USER for batchman@localhost: CREATE USER 'batchman'@'localhost' IDENTIFIED WITH 'mysql_native_password' \nAS '*15E0AF3C6647A20428477A460202CD7C89D78DDF' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK<\/pre>\n<p>Indeed accounts are unlock by default.<\/p>\n<p>The new user account is allowed to connect to the server and can handle sakila&rsquo;s objects:<\/p>\n<pre class=\"lang:mysql decode:true\">$ mysql -u batchman -p\n\nmysql_batchman&gt; \nSELECT USER(); SHOW SCHEMAS;\n+--------------------+\n| USER()             |\n+--------------------+\n| batchman@localhost |\n+--------------------+\n\n\n+--------------------+\n| Database           |\n+--------------------+\n| information_schema |\n| sakila             |\n+--------------------+\n<\/pre>\n<h3>Lock\u00a0account<\/h3>\n<p>What if your security policy requires you to lock this account?<\/p>\n<p>ACCOUNT LOCK clause is the answer :<\/p>\n<pre class=\"lang:mysql decode:true \" title=\"Lock an account\">mysql&gt; \nALTER USER batchman@localhost ACCOUNT LOCK;\n\n\nSELECT user, host, account_locked FROM mysql.user WHERE user = 'batchman';\n+----------+-----------+----------------+\n| user     | host      | account_locked |\n+----------+-----------+----------------+\n| batchman | localhost | Y              |\n+----------+-----------+----------------+\n\n\nmysql&gt; \nSHOW CREATE USER batchman@localhost\\G\n*************************** 1. row ***************************\nCREATE USER for batchman@localhost: CREATE USER 'batchman'@'localhost' \nIDENTIFIED WITH 'mysql_native_password' AS '*15E0AF3C6647A20428477A460202CD7C89D78DDF' \nREQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT LOCK\n<\/pre>\n<p><em>batchman@localhost<\/em> is now locked!<\/p>\n<p>Any connection attempt with this user will failed :<\/p>\n<pre class=\"lang:mysql decode:true\" title=\"Locked account\">-- User try to connect\n$ mysql -u batchman -p \n\nERROR 3118 (HY000): Access denied for user 'batchman'@'localhost'. Account is locked.\n<\/pre>\n<p><span style=\"text-decoration: underline;\">Note<\/span>.<\/p>\n<p><em>If the user is still connected you&rsquo;ll need to kill the connection.<\/em><\/p>\n<p>MySQL returns an <a href=\"https:\/\/dev.mysql.com\/doc\/refman\/5.7\/en\/error-messages-server.html#error_er_account_has_been_locked\" target=\"_blank\" rel=\"noopener noreferrer\"><em>ER_ACCOUNT_HAS_BEEN_LOCKED<\/em><\/a> error.<\/p>\n<p>The server increments the <a href=\"https:\/\/dev.mysql.com\/doc\/refman\/5.7\/en\/server-status-variables.html#statvar_Locked_connects\" target=\"_blank\" rel=\"noopener noreferrer\"><strong><em>Locked_connects<\/em><\/strong><\/a> status variable that indicates the number of attempts to connect to a locked account\u00a0and writes a message to the <strong><em>error log<\/em><\/strong> :<\/p>\n<pre class=\"lang:mysql decode:true\" title=\"Monitor a locked account\">-- Back to the administrator session\nmysql&gt; \nSHOW GLOBAL STATUS LIKE 'Locked_connects';\n+-----------------+-------+\n| Variable_name   | Value |\n+-----------------+-------+\n| Locked_connects | 1     |\n+-----------------+-------+\n\n-- In the error log\nmysql&gt; system tail -n1 \/var\/log\/mysqld.log\n2018-02-01T15:30:35.649393Z 65 [Note] Access denied for user 'batchman'@'localhost'. Account is locked.<\/pre>\n<h2>In order to go further<\/h2>\n<ul>\n<li><a href=\"http:\/\/dasini.net\/blog\/2020\/05\/12\/mysql-security-failed-login-tracking-and-temporary-account-locking\/\" target=\"_blank\" rel=\"noopener noreferrer\">MySQL Security \u2013 Failed-Login Tracking and Temporary Account Locking<\/a><\/li>\n<\/ul>\n<h3>MySQL Security Series<\/h3>\n<ol>\n<li><a href=\"http:\/\/dasini.net\/blog\/2018\/03\/01\/mysql-security-password-validation-plugin\/\" target=\"_blank\" rel=\"noopener noreferrer\">Password Validation Plugin<\/a><\/li>\n<li><a href=\"http:\/\/dasini.net\/blog\/2018\/03\/07\/mysql-security-password-management\/\" target=\"_blank\" rel=\"noopener noreferrer\">Password Management<\/a><\/li>\n<li><a href=\"http:\/\/dasini.net\/blog\/2018\/03\/14\/mysql-security-user-account-locking\/\" target=\"_blank\" rel=\"noopener noreferrer\">User Account Locking<\/a><\/li>\n<li><a href=\"http:\/\/dasini.net\/blog\/2018\/03\/29\/mysql-security-the-connection-control-plugins\/\" target=\"_blank\" rel=\"noopener noreferrer\">The Connection-Control Plugins<\/a><\/li>\n<li><a href=\"http:\/\/dasini.net\/blog\/2018\/04\/04\/mysql-security-mysql-enterprise-audit\/\" target=\"_blank\" rel=\"noopener noreferrer\">Enterprise Audit<\/a><\/li>\n<li><a href=\"http:\/\/dasini.net\/blog\/2018\/04\/10\/mysql-security-mysql-enterprise-transparent-data-encryption\/\" target=\"_blank\" rel=\"noopener noreferrer\">Enterprise Transparent Data Encryption (TDE)<\/a><\/li>\n<li><a href=\"http:\/\/dasini.net\/blog\/2018\/04\/16\/mysql-security-mysql-enterprise-firewall\/\" target=\"_blank\" rel=\"noopener noreferrer\">Enterprise Firewall<\/a><\/li>\n<li><a href=\"http:\/\/dasini.net\/blog\/2019\/03\/19\/mysql-security-mysql-enterprise-data-masking-and-de-identification\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Enterprise Data Masking and De-Identification (opens in a new tab)\">Enterprise Data Masking and De-Identification<\/a><\/li>\n<\/ol>\n<h3>Reference Manual<\/h3>\n<ul>\n<li><a href=\"https:\/\/dev.mysql.com\/doc\/mysql-security-excerpt\/5.7\/en\/account-locking.html\" target=\"_blank\" rel=\"noopener noreferrer\">MySQL 5.7 User Account Locking<\/a><\/li>\n<li><a href=\"https:\/\/dev.mysql.com\/doc\/refman\/5.7\/en\/create-user.html\" target=\"_blank\" rel=\"noopener noreferrer\">CREATE USER Syntax<\/a><\/li>\n<\/ul>\n<h3>MySQL Security<\/h3>\n<ul>\n<li><a href=\"https:\/\/dev.mysql.com\/doc\/mysql-security-excerpt\/5.7\/en\/\" target=\"_blank\" rel=\"noopener noreferrer\">Security in MySQL<\/a><\/li>\n<li><a href=\"https:\/\/dev.mysql.com\/doc\/mysql-secure-deployment-guide\/5.7\/en\/\" target=\"_blank\" rel=\"noopener noreferrer\">MySQL 5.7 Secure Deployment Guide<\/a><\/li>\n<li><a href=\"https:\/\/dev.mysql.com\/doc\/refman\/5.7\/en\/security.html\" target=\"_blank\" rel=\"noopener noreferrer\">MySQL 5.7 Reference Manual &#8211; Security<\/a><\/li>\n<\/ul>\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<p><strong><span style=\"text-decoration: underline;\">MySQL Security Serie &#8211; Password Management<\/span><\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a aria-label=\"Random Password Generation? (opens in a new tab)\" href=\"http:\/\/dasini.net\/blog\/2020\/04\/15\/mysql-security-random-password-generation\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"aioseop-link\">Random Password Generation<\/a><\/li><li><a aria-label=\"Password Expiration Policy? (opens in a new tab)\" href=\"http:\/\/dasini.net\/blog\/2020\/04\/21\/mysql-security-password-expiration-policy\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"aioseop-link\">Password Expiration Policy<\/a><\/li><li><a aria-label=\"Password Reuse Policy? (opens in a new tab)\" href=\"http:\/\/dasini.net\/blog\/2020\/04\/28\/mysql-security-password-reuse-policy\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"aioseop-link\">Password Reuse Policy<\/a><\/li><li><a aria-label=\"Password Verification-Required Policy? (opens in a new tab)\" href=\"http:\/\/dasini.net\/blog\/2020\/05\/05\/mysql-security-password-verification-required-policy\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"aioseop-link\">Password Verification-Required Policy<\/a><\/li><li><a aria-label=\"Failed-Login Tracking and Temporary Account Locking? (opens in a new tab)\" href=\"http:\/\/dasini.net\/blog\/2020\/05\/12\/mysql-security-failed-login-tracking-and-temporary-account-locking\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"aioseop-link\">Failed-Login Tracking and Temporary Account Locking<\/a><\/li><li><a href=\"http:\/\/dasini.net\/blog\/2020\/05\/19\/mysql-security-dual-password-support\/\" target=\"_blank\" aria-label=\"Dual Password Support (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"aioseop-link\">Dual Password Support<\/a><\/li><\/ul>\n\n\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<p><strong><a rel=\"noreferrer noopener\" href=\"https:\/\/www.youtube.com\/channel\/UC12TulyJsJZHoCmby3Nm3WQ\" target=\"_blank\" class=\"aioseop-link\"><span style=\"text-decoration: underline;\">Olivier&rsquo;s MySQL Channel<\/span><\/a><\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/youtu.be\/k4K-scd4oI0\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"Establish a policy for password expiration with MySQL\">Establish a policy for password expiration with MySQL<\/a><\/li><li><a href=\"https:\/\/youtu.be\/VND0KvuX7bc\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"Create users with a random password in MySQL\">Create users with a random password in MySQL<\/a><\/li><li><a href=\"https:\/\/www.youtube.com\/watch?v=4z6-dlGT-Mc\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"Enable restrictions on reuse of previous passwords with MySQL\">Enable restrictions on reuse of previous passwords with MySQL<\/a><\/li><li><a href=\"https:\/\/www.youtube.com\/watch?v=1RwlU14TDWk\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"Require MySQL users to provide their current password to change it\">Require MySQL users to provide their current password to change it<\/a><\/li><li><a href=\"https:\/\/www.youtube.com\/watch?v=6HO_ciRbiXw\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"Temporary Account Locking in MySQL\">Temporary Account Locking in MySQL<\/a><\/li><\/ul>\n\n\n<\/div><\/div>\n\n\n\n<div style=\"height:75px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"has-vivid-red-color has-text-color\"><strong>Thanks for using MySQL!<\/strong><\/p>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p><a href=\"https:\/\/www.linkedin.com\/groups\/12524512\/\" target=\"_blank\" rel=\"noopener\" title=\"Olivier DASINI on Linkedin\">Follow me on Linkedin<\/a><\/p>\n\n\n\n<p>Watch my videos on my <a href=\"https:\/\/www.youtube.com\/channel\/UC12TulyJsJZHoCmby3Nm3WQ\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"Olivier's MySQL Channel\">YouTube channel<\/a> and <a href=\"https:\/\/www.youtube.com\/channel\/UC12TulyJsJZHoCmby3Nm3WQ\/?sub_confirmation=1\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"Subscribe\">subscribe<\/a>.<\/p>\n\n\n\n<p>My <a href=\"https:\/\/www.slideshare.net\/freshdaz\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"Olivier DASINI on Slideshare\">Slideshare account<\/a>.<\/p>\n\n\n\n<p>My <a href=\"https:\/\/speakerdeck.com\/freshdaz\/\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"Olivier DASINI on Speaker Deck\">Speaker Deck account<\/a>.<\/p>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"has-vivid-red-color has-text-color\"><strong>Thanks for using HeatWave &amp; MySQL!<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>For security reasons some context require you to setup a user account locking policy. Thus an unauthorized user is not able (anymore) to login to the MySQL server. In this 3rd article of the\u00a0MySQL 5.7 Security series, we\u00a0will see how to [un]lock a user account.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":""},"categories":[203,365],"tags":[367,379],"class_list":["post-2177","post","type-post","status-publish","format-standard","hentry","category-mysql-en","category-security","tag-security","tag-user-account-locking"],"aioseo_notices":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9LfWW-z7","jetpack-related-posts":[{"id":3575,"url":"https:\/\/dasini.net\/blog\/2020\/05\/12\/mysql-security-failed-login-tracking-and-temporary-account-locking\/","url_meta":{"origin":2177,"position":0},"title":"MySQL Security &#8211; Failed-Login Tracking and Temporary Account Locking","author":"Olivier DASINI","date":"12 mai 2020","format":false,"excerpt":"DBA can configure user accounts such that too many consecutive login failures cause temporary account locking.","rel":"","context":"Dans &quot;MySQL&quot;","block_context":{"text":"MySQL","link":"https:\/\/dasini.net\/blog\/category\/mysql-en\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/6HO_ciRbiXw\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":3557,"url":"https:\/\/dasini.net\/blog\/2020\/04\/15\/mysql-security-random-password-generation\/","url_meta":{"origin":2177,"position":1},"title":"MySQL Security &#8211; Random Password Generation","author":"Olivier DASINI","date":"15 avril 2020","format":false,"excerpt":"MySQL has the capability of generating random passwords for user accounts, as an alternative to requiring explicit administrator-specified literal passwords.","rel":"","context":"Dans &quot;MySQL&quot;","block_context":{"text":"MySQL","link":"https:\/\/dasini.net\/blog\/category\/mysql-en\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/VND0KvuX7bc\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":3567,"url":"https:\/\/dasini.net\/blog\/2020\/05\/19\/mysql-security-dual-password-support\/","url_meta":{"origin":2177,"position":2},"title":"MySQL Security &#8211; Dual Password Support","author":"Olivier DASINI","date":"19 mai 2020","format":false,"excerpt":"Dual-password capability makes it possible to seamlessly perform credential changes without downtime.","rel":"","context":"Dans &quot;MySQL&quot;","block_context":{"text":"MySQL","link":"https:\/\/dasini.net\/blog\/category\/mysql-en\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2156,"url":"https:\/\/dasini.net\/blog\/2018\/03\/07\/mysql-security-password-management\/","url_meta":{"origin":2177,"position":3},"title":"MySQL Security \u2013 Password Management","author":"Olivier DASINI","date":"7 mars 2018","format":false,"excerpt":"Some regulations required\u00a0that the password is renewed in a timely and appropriate manner (e.g. every 90 days). In this article, 2nd of the MySQL 5.7 Security series, we will see how to\u00a0to establish a policy for password expiration\u00a0with MySQL 5.7\u00a0Password\u00a0Management.","rel":"","context":"Dans &quot;MySQL&quot;","block_context":{"text":"MySQL","link":"https:\/\/dasini.net\/blog\/category\/mysql-en\/"},"img":{"alt_text":"MySQL Security","src":"https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/MySQL_DB_Lock2.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":2136,"url":"https:\/\/dasini.net\/blog\/2018\/03\/01\/mysql-security-password-validation-plugin\/","url_meta":{"origin":2177,"position":4},"title":"MySQL Security \u2013 Password Validation Plugin","author":"Olivier DASINI","date":"1 mars 2018","format":false,"excerpt":"In this article, 1st of a MySQL 5.7 Security series, we will see how to enforce Strong Passwords with Password Validation Plugin when using MySQL 5.7. Authentication with ID and password is a very simple and common (because it\u2019s simple) way to secure the access to a resource, however the\u2026","rel":"","context":"Dans &quot;MySQL&quot;","block_context":{"text":"MySQL","link":"https:\/\/dasini.net\/blog\/category\/mysql-en\/"},"img":{"alt_text":"MySQL Security","src":"https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/MySQL_DB_Lock2.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":3508,"url":"https:\/\/dasini.net\/blog\/2020\/04\/21\/mysql-security-password-expiration-policy\/","url_meta":{"origin":2177,"position":5},"title":"MySQL Security \u2013 Password Expiration Policy","author":"Olivier DASINI","date":"21 avril 2020","format":false,"excerpt":"MySQL provides password-expiration capability, which enables database administrators to require that users reset their password.","rel":"","context":"Dans &quot;MySQL&quot;","block_context":{"text":"MySQL","link":"https:\/\/dasini.net\/blog\/category\/mysql-en\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/k4K-scd4oI0\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/posts\/2177","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/comments?post=2177"}],"version-history":[{"count":27,"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/posts\/2177\/revisions"}],"predecessor-version":[{"id":3729,"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/posts\/2177\/revisions\/3729"}],"wp:attachment":[{"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/media?parent=2177"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/categories?post=2177"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/tags?post=2177"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}