Book Image

MariaDB Cookbook

By : Daniel Bartholomew
Book Image

MariaDB Cookbook

By: Daniel Bartholomew

Overview of this book

Table of Contents (20 chapters)
MariaDB Cookbook
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Checking for users with insecure passwords


Our actual MariaDB user passwords are not stored in plain text by MariaDB as it would be very insecure. Instead, a mathematical hash of the password is stored. When we are connected, MariaDB hashes the password that we enter and compares it to the stored hash. This is all well and good, but in MariaDB, there are actually two hashing options and one is definitely better than the other.

How to do it...

To discover the password hashing function used by MariaDB and to make sure all of the users on our server are using the more secure option, perform the following steps:

  1. Open the mysql command-line client and connect to our MariaDB database server with a user that has the SUPER privilege.

  2. Find out what the value of the old_passwords variable is by using the following statement:

    SELECT @@old_passwords;
    
  3. If the value is not 0, inspect our configuration files and look for the setting. Remove any found instances (the entire line) and restart MariaDB.

  4. Go back to...