Administrator Guidelines for Password Security
Database administrators should use the following guidelines to keep passwords secure.
MySQL stores passwords for user accounts in the mysql.user table. Access to this table should
never be granted to any nonadministrative accounts.
Account passwords can be expired so that users must reset them. See Section 6.3.6, “Password
Expiration and Sandbox Mode”.
The validate_password plugin can be used to enforce a policy on acceptable password. See
Section 6.1.2.6, “The Password Validation Plugin”.
A user who has access to modify the plugin directory (the value of the plugin_dir [538] system
variable) or the my.cnf file that specifies the location of the plugin directory can replace plugins and
modify the capabilities provided by plugins, including authentication plugins.
Files such as log files to which passwords might be written should be protected. See Section 6.1.2.3,
“Passwords and Logging”.
... zobacz całą notatkę
Komentarze użytkowników (0)