Category Archives: Security

MySQL 8.0.4 : New Default Authentication Plugin : caching_sha2_password

Starting with MySQL 8.0.4, we are changing the default authentication plugin for MySQL server from mysql_native_password to caching_sha2_password. Correspondingly, libmysqlclient will now use caching_sha2_password as the default authentication mechanism, too.

Why did we do it?

The advantage of mysql_native_password is that it support challenge-response mechanism which is very quick and does not require encrypted connection.…

MySQL 8.0.4, OpenSSL, and MySQL Community Edition

Starting with the MySQL Community 8.0.4-RC we are unifying on OpenSSL as the default TLS/SSL library for both MySQL Enterprise Edition and MySQL Community Edition. Previously, MySQL Community Edition used YaSSL.

Why make this change?

  • Community Requests – Supporting OpenSSL in the MySQL Community Edition has been one of the most frequently requested features.

MySQL 8.0: Making User Management DDLs Atomic

With MySQL 8.0, we are bringing in an important change in the way user management DDLs are executed.


User management DDLs cover following user management actions:

  • Altering user account properties (ALTER USER [IF EXISTS])
  • Dropping user/role from database (DROP USER [IF EXISTS] / DROP ROLE [IF EXISTS])
  • Granting/Revoking privileges to/from a user/role (GRANT/REVOKE)

Each of these administrative action can handle multiple entities as a part of single command.…

Simplified SSL/TLS Setup for MySQL Community

Transport Layer Security (TLS, also often referred to as SSL) is an important component of a secure MySQL deployment, but the complexities of properly generating the necessary key material and configuring the server dissuaded many users from completing this task.  MySQL Server 5.7 simplifies this task for both Enterprise and Community users. …