Install MySQL Password Validation Plugin on Linux

When thinking about security within a MySQL installation is protecting MySQL data. MySQL provides many tools and plugins in order to protect your data. Now MySQL version 5.6.4 comes with a new security plugin called Password Validation Plugin. The password should be structured and security based. In other words, to increase the security level, you require user and passwords meet at least your minimal security requirements, using the MySQL Password validation plugin.

MySQL Password

Verify MySQL Version:

The Password validation plugin serves to test passwords and improve security. You can check the MySQL version using mention commands.

# mysql -u root -p
mysql> SHOW VARIABLES LIKE 'version%';
+-------------------------+------------------------------+
| Variable_name | Value |
+-------------------------+------------------------------+
| version | 5.6.43 |
| version_comment | MySQL Community Server (GPL) |
| version_compile_machine | x86_64 |
| version_compile_os | Linux |
+-------------------------+------------------------------+
4 rows in set (0.00 sec)
MySQL Version

MySQL Plugin Directory:

All MySQL plugins are located on the plugin directory. To know the location of the MySQL plugin location use-mention command.

# mysql -u root -p
mysql> SHOW VARIABLES LIKE 'plugin_dir';
+---------------+--------------------------+
| Variable_name | Value |
+---------------+--------------------------+
| plugin_dir | /usr/lib64/mysql/plugin/ |
+---------------+--------------------------+
1 row in set (0.00 sec)
MySQL Plugin Directory

Restart the MySQL service.

For CentOS/RHEL 7
# systemctl restart mysql
For CentOS/RHEL 6
# service mysql restart

Install MySQL Plugin:

If validate_password plugin is not installed please use-mention command to install MySQL plugin.

# mysql -u root -p
mysql> INSTALL PLUGIN validate_password SONAME 'validate_password.so';
mysql> SELECT PLUGIN_NAME, PLUGIN_STATUS FROM INFORMATION_SCHEMA.PLUGINS WHERE PLUGIN_NAME LIKE 'validate%';
+-------------------+---------------+
| PLUGIN_NAME | PLUGIN_STATUS |
+-------------------+---------------+
| validate_password | ACTIVE |
+-------------------+---------------+
1 row in set (0.01 sec)
Install MySQL Plugin

You can also install the plugin using adding the entry in MySQL configuration file.

# vim /etc/my.cnf

Add the mention line.

[mysqld]
plugin-load-add=validate_password.so

Verify Plugin Status:

After installing the plugin you can verify it using mention commands.

# mysql -u root -p
mysql> SHOW VARIABLES LIKE 'validate%';
+--------------------------------------+--------+
| Variable_name | Value |
+--------------------------------------+--------+
| validate_password_dictionary_file | |
| validate_password_length | 8 |
| validate_password_mixed_case_count | 1 |
| validate_password_number_count | 1 |
| validate_password_policy | MEDIUM |
| validate_password_special_char_count | 1 |
+--------------------------------------+--------+
6 rows in set (0.00 sec)
MySQL Plugin Status
# mysql -u root -p
mysql> SHOW STATUS LIKE 'validate%';
+-----------------------------------------------+---------------------+
| Variable_name | Value |
+-----------------------------------------------+---------------------+
| validate_password_dictionary_file_last_parsed | 2019-03-19 13:35:53 |
| validate_password_dictionary_file_words_count | 0 |
+-----------------------------------------------+---------------------+
2 rows in set (0.00 sec)
MySQL Plugin Validation

Uninstall MySQL Plugin:

you can simply uninstall the validate_password plugin from your MySQL server.

# mysql -u root -p
mysql> UNINSTALL PLUGIN validate_password;
Uninstall MySQL Plugin

If you don’t need to uninstall the plugin, then simply change the password policy of MySQL.

Enjoy it!

Leave a Reply

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.