Starting with MySQL 8.0.4, we are changing the default authentication plugin for MySQL server from mysql_native_password to caching_sha2_password. Correspondingly, libmysqlclient will now use caching_sha2_password as the default authentication mechanism, too.
Why did we do it?
The advantage of mysql_native_password is that it support challenge-response mechanism which is very quick and does not require encrypted connection.…
With MySQL 8.0, we are bringing in an important change in the way user management DDLs are executed.
User management DDLs cover following user management actions:
- Creating user/role (CREATE USER [IF NOT EXISTS] / CREATE ROLE [IF NOT EXISTS])
- Altering user account properties (ALTER USER [IF EXISTS])
- Dropping user/role from database (DROP USER [IF EXISTS] / DROP ROLE [IF EXISTS])
- Granting/Revoking privileges to/from a user/role (GRANT/REVOKE)
Each of these administrative action can handle multiple entities as a part of single command.…
MySQL 5.7 comes with enhancements which makes a deployment secure by default. These features try to minimize attack surface as much as possible without hampering usability aspect. They are useful for novice user because they help close common security loopholes which can be leveraged by an attacker.…
MySQL 5.7 server binaries compiled with the OpenSSL library now make it easy to set up SSL/TLS and RSA artifacts, and to enable them within MySQL. Two new read-only global options have been introduced through this work:
--auto-generate-certs: Enables automatic generation and detection of SSL artifacts at server start-up.
A Quick Security Update
Starting with MySQL 5.7.6, the following functions are now deprecated:
DES (Data Encryption Standard) is known to be less secure and slower than other available encryption methods. There are also many well known attack methods that can be used against it.…