[ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
There are several distinctions between the way usernames and passwords are used by MySQL and the way they are used by Unix or Windows:
-u
or
--user
options. This means that you can't make a database secure in
any way unless all MySQL usernames have passwords. Anyone may
attempt to connect to the server using any name, and they will succeed if
they specify any name that doesn't have a password.
PASSWORD()
and ENCRYPT()
functions in 12.6.2 Encryption Functions. Note that even if the password is stored 'scrambled', and
knowing your 'scrambled' password is enough to be able to connect to
the MySQL server!
From version 4.1, MySQL employs a different password and login mechanism
that is secure even if TCP/IP packets are sniffed and/or the mysql
database is captured.
MySQL users and their privileges are normally created with the
GRANT
command. See section 13.5.1.1 GRANT
and REVOKE
Syntax.
When you login to a MySQL server with a command-line client you
should specify the password with --password=your-password
.
See section 5.4.4 Connecting to the MySQL Server.
mysql --user=monty --password=guess database_name |
If you want the client to prompt for a password, you should use
--password
without any argument
mysql --user=monty --password database_name |
or the short form:
mysql -u monty -p database_name |
Note that in the last example the password is not 'database_name'.
If you want to use the -p
option to supply a password you should do so
like this:
mysql -u monty -pguess database_name |
On some systems, the library call that MySQL uses to prompt for a password will automatically cut the password to 8 characters. Internally MySQL doesn't have any limit for the length of the password.
[ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |