MySQL 5.6 Reference Manual
MySQL 5.6 Release Notes
Abstract
This is the MySQL Security Guide extract from the MySQL 5.6 Reference Manual.
For legal information, see the Legal Notices.
For help with using MySQL, please visit the MySQL Forums, where you can discuss your issues with other MySQL users.
Document generated on: 2023-02-08 (revision: 74963)
Table of Contents
- Preface and Legal Notices
- 1 Security
- 2 General Security Issues
- 3 Postinstallation Setup and Testing
- 4 Access Control and Account Management
- 4.1 Account User Names and Passwords
- 4.2 Privileges Provided by MySQL
- 4.3 Grant Tables
- 4.4 Specifying Account Names
- 4.5 Access Control, Stage 1: Connection Verification
- 4.6 Access Control, Stage 2: Request Verification
- 4.7 Adding Accounts, Assigning Privileges, and Dropping Accounts
- 4.8 When Privilege Changes Take Effect
- 4.9 Assigning Account Passwords
- 4.10 Server Handling of Expired Passwords
- 4.11 Pluggable Authentication
- 4.12 Proxy Users
- 4.13 Setting Account Resource Limits
- 4.14 Troubleshooting Problems Connecting to MySQL
- 4.15 SQL-Based Account Activity Auditing
- 5 Using Encrypted Connections
- 6 Security Plugins
- 6.1 Authentication Plugins
- 6.1.1 Native Pluggable Authentication
- 6.1.2 Old Native Pluggable Authentication
- 6.1.3 Migrating Away from Pre-4.1 Password Hashing and the mysql_old_password Plugin
- 6.1.4 SHA-256 Pluggable Authentication
- 6.1.5 Client-Side Cleartext Pluggable Authentication
- 6.1.6 PAM Pluggable Authentication
- 6.1.7 Windows Pluggable Authentication
- 6.1.8 Socket Peer-Credential Pluggable Authentication
- 6.1.9 Test Pluggable Authentication
- 6.2 The Connection-Control Plugins
- 6.3 The Password Validation Plugin
- 6.4 MySQL Enterprise Audit
- 6.5 MySQL Enterprise Firewall
- A MySQL 5.6 FAQ: Security