patternsqlMinor
User has no password set
Viewed 0 times
userhassetpassword
Problem
I see these when running MySQLTuner.pl:
Thanks
-------- Security Recommendations -------------------------------------------
[!!] User '@debian' has no password set.
[!!] User '@localhost' has no password set.
------------------------------------------------------------------------------- Is it a security hole?
- How to fix it?
Thanks
Solution
That is definite a security hole. That's because mysql was installed that way.
To remove those entries, please run these lines
Here are three(3) past posts I wrote on how and why to do such cleanup of
To remove those entries, please run these lines
DELETE FROM mysql.user WHERE user='' or password='';
FLUSH PRIVILEGES;Here are three(3) past posts I wrote on how and why to do such cleanup of
mysql.user and mysql.db- Secure method beside phpMyAdmin for remote mysql
- MySQL error: Access denied for user 'a'@'localhost' (using password: YES)
- MySQL : Why are there "test" entries in mysql.db?
Code Snippets
DELETE FROM mysql.user WHERE user='' or password='';
FLUSH PRIVILEGES;Context
StackExchange Database Administrators Q#17147, answer score: 6
Revisions (0)
No revisions yet.