Documentation Home
MySQL 5.7 Reference Manual
Related Documentation Download this Manual
PDF (US Ltr) - 35.0Mb
PDF (A4) - 35.1Mb
Man Pages (TGZ) - 255.4Kb
Man Pages (Zip) - 360.2Kb
Info (Gzip) - 3.4Mb
Info (Zip) - 3.4Mb
Excerpts from this Manual

MySQL 5.7 Reference Manual  /  ...  /  Native Pluggable Authentication

6.4.1.1 Native Pluggable Authentication

MySQL includes two plugins that implement native authentication; that is, authentication based on the password hashing methods in use from before the introduction of pluggable authentication. This section describes mysql_native_password, which implements authentication against the mysql.user system table using the native password hashing method. For information about mysql_old_password, which implements authentication using the older (pre-4.1) native password hashing method, see Section 6.4.1.2, “Old Native Pluggable Authentication”. For information about these password hashing methods, see Section 6.1.2.4, “Password Hashing in MySQL”.

The following table shows the plugin names on the server and client sides.

Table 6.8 Plugin and Library Names for Native Password Authentication

Plugin or File Plugin or File Name
Server-side plugin mysql_native_password
Client-side plugin mysql_native_password
Library file None (plugins are built in)

The following sections provide installation and usage information specific to native pluggable authentication:

For general information about pluggable authentication in MySQL, see Section 6.2.13, “Pluggable Authentication”.

Installing Native Pluggable Authentication

The mysql_native_password plugin exists in server and client forms:

  • The server-side plugin is built into the server, need not be loaded explicitly, and cannot be disabled by unloading it.

  • The client-side plugin is built into the libmysqlclient client library and is available to any program linked against libmysqlclient.

Using Native Pluggable Authentication

MySQL client programs use mysql_native_password by default. The --default-auth option can be used as a hint about which client-side plugin the program can expect to use:

$> mysql --default-auth=mysql_native_password ...