Category Archives: Security

You can now grant CREATE USER so that your web apps would be able to use multiple accounts without you risking the end user hijacking the database by changing your root credentials for example. …

MySQL 8.0.13: Change Current Password Policy

November 15, 2018Security, User managementRahul Sisondia

We have introduced a new policy for you to enforce on your non-privileged users. It requires their current password at the time they set a new password. It is optional and off by default. You can control it globally (for all non-privileged users) or on a per-user basis.…

Data Masking in MySQL

November 8, 2018Enterprise, Plugins, SecurityIvan Švaljek

If you’re here, that probably means you’re about to acquire some sensitive data to take care of. Or that you’ve already acquired it and are protecting it, and you want to see how MySQL Enterprise Data Masking and De-Identification features can help you do it in an easier, better and more efficient manner.…

The connection_control plugin : Keeping brute force attack in check

June 20, 2018Community, MySQL, SecuritySecurityHarin Vadodaria

To quote book of all knowledge:

In cryptography, a brute-force attack consists of an attacker trying many
passwords or passphrases with the hope of eventually guessing correctly.
The attacker systematically checks all possible passwords and passphrases
until the correct one is found.

…

Password reuse policy in MySQL 8.0

March 13, 2018MySQL, Security, User managementGeorgi Kodinov

MySQL has various kinds of password policy enforcement tools: a password can expire (even automatically), can be forced to be of a certain length, contain amounts of various types of characters and be checked against a dictionary of common passwords or the user account name itself.…

MySQL 8.0.4 : New Default Authentication Plugin : caching_sha2_password

January 25, 2018Authentication, MySQL, Plugins, Security, User managementHarin Vadodaria

Starting with MySQL 8.0.4, we are changing the default authentication plugin for MySQL server from mysql_native_password to caching_sha2_password. Correspondingly, libmysqlclient will now use caching_sha2_password as the default authentication mechanism, too.

Why did we do it?

The advantage of mysql_native_password is that it support challenge-response mechanism which is very quick and does not require encrypted connection.…

MySQL 8.0.4, OpenSSL, and MySQL Community Edition

January 24, 2018Community, MySQL, Security, SSLFrédéric Descamps

Starting with the MySQL Community 8.0.4-RC we are unifying on OpenSSL as the default TLS/SSL library for both MySQL Enterprise Edition and MySQL Community Edition. Previously, MySQL Community Edition used YaSSL.

Why make this change?

Community Requests – Supporting OpenSSL in the MySQL Community Edition has been one of the most frequently requested features.

…

Protecting Data with Digital Signatures by Example using MySQL Enterprise Edition

June 21, 2017MySQL, Security, SSLMike Frank

Often databases contain data that needs to be proven as valid and authentic. We want to ensure that a known person or other sender (e.g. a trusted app) of the information can’t deny content, nor that the content can change without that person (senders) consent.…

MySQL Server Blog

News from the MySQL Server Team