Documentation Home
Security in MySQL
Related Documentation Download this Excerpt
PDF (US Ltr) - 1.9Mb
PDF (A4) - 1.9Mb
HTML Download (TGZ) - 417.7Kb
HTML Download (Zip) - 425.0Kb

Security in MySQL  /  ...  /  Transitioning to the Password Validation Component

6.3.3 Transitioning to the Password Validation Component


In MySQL 8.0, the validate_password plugin was reimplemented as the validate_password component. The validate_password plugin is deprecated and will be removed in a future version of MySQL.

MySQL installations that currently use the validate_password plugin should make the transition to using the validate_password component instead. To do so, use the following procedure. The procedure installs the component before uninstalling the plugin, to avoid having a time window during which no password validation occurs. (The component and plugin can be installed simultaneously. In this case, the server attempts to use the component, falling back to the plugin if the component is unavailable.)

  1. Install the validate_password component:

    INSTALL COMPONENT 'file://component_validate_password';
  2. Test the validate_password component to ensure that it works as expected. If you need to set any system variables, you can do so at runtime using SET GLOBAL. (Any option file changes that must be made are performed in the next step.)

  3. Adjust any references to the plugin system and status variables to refer to the corresponding component system and status variables. Suppose that you configure the plugin at startup using an option file like this:


    To adjust the option file, omit the --validate-password option (it applies only to the plugin, not the component), and modify the system variable references:


    Similar adjustments are needed for applications that refer at runtime to validate_password plugin system and status variables.

  4. Uninstall the validate_password plugin:

    UNINSTALL PLUGIN validate_password;

    If the validate_password plugin is loaded at server startup using a --plugin-load or --plugin-load-add option, omit that option from the server startup procedure. For example, if the option is listed in a server option file, remove it from the file.

  5. Restart the server.