精华内容
下载资源
问答
  • password
    千次阅读
    2022-01-18 20:16:48

    承接了一个新项目,需要继承旧的用户数据。

    账号密码解密使用了\yii\base\Security::generatePasswordHash($password, $cost)方法。

    generatePasswordHash($password, $cost = null)
    //php的生成密文
    //默认的cost是13,是时间复杂度
    return password_hash($password, PASSWORD_DEFAULT, ['cost' => $cost]);

    账号密码解密使用了\yii\base\Security::validatePassword($password, $db_pwd)方法。

    \yii\base\Security::validatePassword($password, $db_pwd);
    //即
    password_verify($password, $db_pwd);

    其中$password是明文,$data是加密值。

    JAVA验证代码

    1. 注意要替换$2y$,$2y$,$2a$,$2b$不影响散列值。

        public boolean match(String password, String db_pwd) {
            //'$2y$'替换成'¥2a$'
            String u = "$2a".concat(db_pwd.substring(3));
            return BCrypt.checkpw(password, u);
        }
    更多相关内容
  • PASSWORD_VERIFY_FUNCTION(口令复杂性验证) 在官方文档中该参数的阐述: PASSWORD_VERIFY_FUNCTION子句允许PL/SQL密码复杂性验证脚本作为参数传递给CREATEPROFILE语句 一、PASSWORD_VERIFY_FUNCTION参数语法: ...

    PASSWORD_VERIFY_FUNCTION(口令复杂性验证)

    在官方文档中该参数的阐述:
    PASSWORD_VERIFY_FUNCTION子句允许PL/SQL密码复杂性验证脚本作为参数传递给CREATEPROFILE语句

    一、PASSWORD_VERIFY_FUNCTION参数语法:

    语法:

    ALTER PROFILE profile LIMIT
      { resource_parameters | password_parameters } ...
      ;
    

    password_parameters 中 PASSWORD_VERIFY_FUNCTION 部分如下:

    {| PASSWORD_VERIFY_FUNCTION
      { function | NULL | DEFAULT }
    }
    
    • 对于FUNCTION(函数)指定密码复杂度验证例程的名称,该FUNCTION必须存在于SYS用户中,并且您必须对该函数具有执行权限.
    • 指定NULL表示未执行密码验证.

    二、Oracle数据库提供默认脚本中创建的两个例程

    Oracle数据库提供默认脚本,在11g数据库提供默认脚本中可以创建的两个例程,但你也可以创建自己的例程或使用第三方软件

    1、verify_function_11G

    - 密码复杂度:
    密码必须至少包含一个数字,一个字符
    密码长度至少为8
    

    2、verify_function

    - 密码复杂度:
    密码必须包含至少一个数字,一个字符和一个标点符号
    密码长度至少为4
    

    3、执行脚本

    $ cd $ORACLE_HOME
    $ sqlplus / as sysdba
    SQL> @?/rdbms/admin/utlpwdmg.sql 
    
    Function created.
    
    
    Grant succeeded.
    
    
    Profile altered.
    
    
    Function created.
    
    
    Grant succeeded.
    
    SQL> 
    

    4、在profile中修改PASSWORD_VERIFY_FUNCTION(口令复杂性验证)

    1、查看当前开启用户及其profile 
    select username,profile from dba_users where account_status='OPEN'; 
    
    2、使用缺省的profile-DEFAULT 修改口令复杂性验证为 "VERIFY_FUNCTION_11G" 例程
    #即:密码必须至少包含一个数字,一个字符,密码长度至少为8
    alter profile DEFAULT limit PASSWORD_VERIFY_FUNCTION VERIFY_FUNCTION_11G;  
    
    3、使用缺省的profile-DEFAULT 修改口令复杂性验证为 "verify_function" 例程
    #即:密码必须包含至少一个数字,一个字符和一个标点符号,密码长度至少为4
    alter profile DEFAULT limit PASSWORD_VERIFY_FUNCTION VERIFY_FUNCTION;
    
    4、关闭密码口令复杂度认证
    alter profile DEFAULT limit PASSWORD_VERIFY_FUNCTION null;
    

    5、若自己有对密码复杂度有其他需求,把 “utlpwdmg.sql” 脚本按需修改执行即可,原脚本内容如下:

    Rem
    Rem $Header: rdbms/admin/utlpwdmg.sql /st_rdbms_11.2.0/1 2013/01/31 01:34:11 skayoor Exp $
    Rem
    Rem utlpwdmg.sql
    Rem
    Rem Copyright (c) 2006, 2013, Oracle and/or its affiliates. 
    Rem All rights reserved. 
    Rem
    Rem    NAME
    Rem      utlpwdmg.sql - script for Default Password Resource Limits
    Rem
    Rem    DESCRIPTION
    Rem      This is a script for enabling the password management features
    Rem      by setting the default password resource limits.
    Rem
    Rem    NOTES
    Rem      This file contains a function for minimum checking of password
    Rem      complexity. This is more of a sample function that the customer
    Rem      can use to develop the function for actual complexity checks that the 
    Rem      customer wants to make on the new password.
    Rem
    Rem    MODIFIED   (MM/DD/YY)
    Rem    skayoor     01/17/13 - Backport skayoor_bug-14671375 from main
    Rem    asurpur     05/30/06 - fix - 5246666 beef up password complexity check 
    Rem    nireland    08/31/00 - Improve check for username=password. #1390553
    Rem    nireland    06/28/00 - Fix null old password test. #1341892
    Rem    asurpur     04/17/97 - Fix for bug479763
    Rem    asurpur     12/12/96 - Changing the name of password_verify_function
    Rem    asurpur     05/30/96 - New script for default password management
    Rem    asurpur     05/30/96 - Created
    Rem
    
    
    -- This script sets the default password resource parameters
    -- This script needs to be run to enable the password features.
    -- However the default resource parameters can be changed based 
    -- on the need.
    -- A default password complexity function is also provided.
    -- This function makes the minimum complexity checks like
    -- the minimum length of the password, password not same as the
    -- username, etc. The user may enhance this function according to
    -- the need.
    -- This function must be created in SYS schema.
    -- connect sys/<password> as sysdba before running the script
    
    CREATE OR REPLACE FUNCTION verify_function_11G
    (username varchar2,
      password varchar2,
      old_password varchar2)
      RETURN boolean IS 
       n boolean;
       m integer;
       differ integer;
       isdigit boolean;
       ischar  boolean;
       ispunct boolean;
       db_name varchar2(40);
       digitarray varchar2(20);
       punctarray varchar2(25);
       chararray varchar2(52);
       i_char varchar2(10);
       simple_password varchar2(10);
       reverse_user varchar2(32);
    
    BEGIN 
       digitarray:= '0123456789';
       chararray:= 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    
       -- Check for the minimum length of the password
       IF length(password) < 8 THEN
          raise_application_error(-20001, 'Password length less than 8');
       END IF;
    
    
       -- Check if the password is same as the username or username(1-100)
       IF NLS_LOWER(password) = NLS_LOWER(username) THEN
         raise_application_error(-20002, 'Password same as or similar to user');
       END IF;
       FOR i IN 1..100 LOOP
          i_char := to_char(i);
          if NLS_LOWER(username)|| i_char = NLS_LOWER(password) THEN
            raise_application_error(-20005, 'Password same as or similar to user name ');
          END IF;
        END LOOP;
    
       -- Check if the password is same as the username reversed
       
       FOR i in REVERSE 1..length(username) LOOP
         reverse_user := reverse_user || substr(username, i, 1);
       END LOOP;
       IF NLS_LOWER(password) = NLS_LOWER(reverse_user) THEN
         raise_application_error(-20003, 'Password same as username reversed');
       END IF;
    
       -- Check if the password is the same as server name and or servername(1-100)
       select name into db_name from sys.v$database;
       if NLS_LOWER(db_name) = NLS_LOWER(password) THEN
          raise_application_error(-20004, 'Password same as or similar to server name');
       END IF;
       FOR i IN 1..100 LOOP
          i_char := to_char(i);
          if NLS_LOWER(db_name)|| i_char = NLS_LOWER(password) THEN
            raise_application_error(-20005, 'Password same as or similar to server name ');
          END IF;
        END LOOP;
    
       -- Check if the password is too simple. A dictionary of words may be
       -- maintained and a check may be made so as not to allow the words
       -- that are too simple for the password.
       IF NLS_LOWER(password) IN ('welcome1', 'database1', 'account1', 'user1234', 'password1', 'oracle123', 'computer1', 'abcdefg1', 'change_on_install') THEN
          raise_application_error(-20006, 'Password too simple');
       END IF;
    
       -- Check if the password is the same as oracle (1-100)
        simple_password := 'oracle';
        FOR i IN 1..100 LOOP
          i_char := to_char(i);
          if simple_password || i_char = NLS_LOWER(password) THEN
            raise_application_error(-20007, 'Password too simple ');
          END IF;
        END LOOP;
    
       -- Check if the password contains at least one letter, one digit 
       -- 1. Check for the digit
       isdigit:=FALSE;
       m := length(password);
       FOR i IN 1..10 LOOP 
          FOR j IN 1..m LOOP 
             IF substr(password,j,1) = substr(digitarray,i,1) THEN
                isdigit:=TRUE;
                 GOTO findchar;
             END IF;
          END LOOP;
       END LOOP;
    
       IF isdigit = FALSE THEN
          raise_application_error(-20008, 'Password must contain at least one digit, one character');
       END IF;
       -- 2. Check for the character
       <<findchar>>
       ischar:=FALSE;
       FOR i IN 1..length(chararray) LOOP 
          FOR j IN 1..m LOOP 
             IF substr(password,j,1) = substr(chararray,i,1) THEN
                ischar:=TRUE;
                 GOTO endsearch;
             END IF;
          END LOOP;
       END LOOP;
       IF ischar = FALSE THEN
          raise_application_error(-20009, 'Password must contain at least one \
                  digit, and one character');
       END IF;
    
    
       <<endsearch>>
       -- Check if the password differs from the previous password by at least
       -- 3 letters
       IF old_password IS NOT NULL THEN
         differ := length(old_password) - length(password);
    
         differ := abs(differ);
         IF differ < 3 THEN
           IF length(password) < length(old_password) THEN
             m := length(password);
           ELSE
             m := length(old_password);
           END IF;
    
           FOR i IN 1..m LOOP
             IF substr(password,i,1) != substr(old_password,i,1) THEN
               differ := differ + 1;
             END IF;
           END LOOP;
    
           IF differ < 3 THEN
             raise_application_error(-20011, 'Password should differ from the \
                old password by at least 3 characters');
           END IF;
         END IF;
       END IF;
       -- Everything is fine; return TRUE ;   
       RETURN(TRUE);
    END;
    /
    
    GRANT EXECUTE ON verify_function_11G TO PUBLIC;
    
    -- This script alters the default parameters for Password Management
    -- This means that all the users on the system have Password Management
    -- enabled and set to the following values unless another profile is 
    -- created with parameter values set to different value or UNLIMITED 
    -- is created and assigned to the user.
    
    ALTER PROFILE DEFAULT LIMIT
    PASSWORD_LIFE_TIME 180
    PASSWORD_GRACE_TIME 7
    PASSWORD_REUSE_TIME UNLIMITED
    PASSWORD_REUSE_MAX UNLIMITED
    FAILED_LOGIN_ATTEMPTS 10
    PASSWORD_LOCK_TIME 1
    PASSWORD_VERIFY_FUNCTION verify_function_11G;
    
    
    
    -- Below is the older version of the script
    
    -- This script sets the default password resource parameters
    -- This script needs to be run to enable the password features.
    -- However the default resource parameters can be changed based 
    -- on the need.
    -- A default password complexity function is also provided.
    -- This function makes the minimum complexity checks like
    -- the minimum length of the password, password not same as the
    -- username, etc. The user may enhance this function according to
    -- the need.
    -- This function must be created in SYS schema.
    -- connect sys/<password> as sysdba before running the script
    
    CREATE OR REPLACE FUNCTION verify_function
    (username varchar2,
      password varchar2,
      old_password varchar2)
      RETURN boolean IS 
       n boolean;
       m integer;
       differ integer;
       isdigit boolean;
       ischar  boolean;
       ispunct boolean;
       digitarray varchar2(20);
       punctarray varchar2(25);
       chararray varchar2(52);
    
    BEGIN 
       digitarray:= '0123456789';
       chararray:= 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
       punctarray:='!"#$%&()``*+,-/:;<=>?_';
    
       -- Check if the password is same as the username
       IF NLS_LOWER(password) = NLS_LOWER(username) THEN
         raise_application_error(-20001, 'Password same as or similar to user');
       END IF;
    
       -- Check for the minimum length of the password
       IF length(password) < 4 THEN
          raise_application_error(-20002, 'Password length less than 4');
       END IF;
    
       -- Check if the password is too simple. A dictionary of words may be
       -- maintained and a check may be made so as not to allow the words
       -- that are too simple for the password.
       IF NLS_LOWER(password) IN ('welcome', 'database', 'account', 'user', 'password', 'oracle', 'computer', 'abcd') THEN
          raise_application_error(-20002, 'Password too simple');
       END IF;
    
       -- Check if the password contains at least one letter, one digit and one
       -- punctuation mark.
       -- 1. Check for the digit
       isdigit:=FALSE;
       m := length(password);
       FOR i IN 1..10 LOOP 
          FOR j IN 1..m LOOP 
             IF substr(password,j,1) = substr(digitarray,i,1) THEN
                isdigit:=TRUE;
                 GOTO findchar;
             END IF;
          END LOOP;
       END LOOP;
       IF isdigit = FALSE THEN
          raise_application_error(-20003, 'Password should contain at least one digit, one character and one punctuation');
       END IF;
       -- 2. Check for the character
       <<findchar>>
       ischar:=FALSE;
       FOR i IN 1..length(chararray) LOOP 
          FOR j IN 1..m LOOP 
             IF substr(password,j,1) = substr(chararray,i,1) THEN
                ischar:=TRUE;
                 GOTO findpunct;
             END IF;
          END LOOP;
       END LOOP;
       IF ischar = FALSE THEN
          raise_application_error(-20003, 'Password should contain at least one \
                  digit, one character and one punctuation');
       END IF;
       -- 3. Check for the punctuation
       <<findpunct>>
       ispunct:=FALSE;
       FOR i IN 1..length(punctarray) LOOP 
          FOR j IN 1..m LOOP 
             IF substr(password,j,1) = substr(punctarray,i,1) THEN
                ispunct:=TRUE;
                 GOTO endsearch;
             END IF;
          END LOOP;
       END LOOP;
       IF ispunct = FALSE THEN
          raise_application_error(-20003, 'Password should contain at least one \
                  digit, one character and one punctuation');
       END IF;
    
       <<endsearch>>
       -- Check if the password differs from the previous password by at least
       -- 3 letters
       IF old_password IS NOT NULL THEN
         differ := length(old_password) - length(password);
    
         IF abs(differ) < 3 THEN
           IF length(password) < length(old_password) THEN
             m := length(password);
           ELSE
             m := length(old_password);
           END IF;
    
           differ := abs(differ);
           FOR i IN 1..m LOOP
             IF substr(password,i,1) != substr(old_password,i,1) THEN
               differ := differ + 1;
             END IF;
           END LOOP;
    
           IF differ < 3 THEN
             raise_application_error(-20004, 'Password should differ by at \
             least 3 characters');
           END IF;
         END IF;
       END IF;
       -- Everything is fine; return TRUE ;   
       RETURN(TRUE);
    END;
    /
    
    GRANT EXECUTE ON verify_function TO PUBLIC;
    
    Rem *************************************************************************
    Rem END Password Verification Functions
    Rem *************************************************************************
    
    Rem *************************************************************************
    Rem BEGIN Password Management Parameters
    Rem *************************************************************************
    
    -- This script alters the default parameters for Password Management
    -- This means that all the users on the system have Password Management
    -- enabled and set to the following values unless another profile is 
    -- created with parameter values set to different value or UNLIMITED 
    -- is created and assigned to the user.
    
    -- Enable this if you want older version of the Password Profile parameters
    -- ALTER PROFILE DEFAULT LIMIT
    -- PASSWORD_LIFE_TIME 60
    -- PASSWORD_GRACE_TIME 10
    -- PASSWORD_REUSE_TIME 1800
    -- PASSWORD_REUSE_MAX UNLIMITED
    -- FAILED_LOGIN_ATTEMPTS 3
    -- PASSWORD_LOCK_TIME 1/1440
    -- PASSWORD_VERIFY_FUNCTION verify_function;
    
    
    展开全文
  • 问题:ERROR 1045 (28000): Access denied for user ‘root’@‘localhost’ (using password: NO) 很久没用这台电脑的mysql了,今天需要连接数据库,启动数据库报错: ERROR 1045 (28000): Access denied for user ...

    2021年12月20日。本文可收藏可转载可抄袭,但是麻烦抄袭的时候抄全点,别删的不成样子,让人瞎踩坑,这是在害人。我的博客大多比较详细,也可以说是啰嗦,因为用CSDN的大多是小白,将心比心,想想自己当初被垃圾博客搞得焦头烂额的时候。


    2021年11月25日修改,标示打开的CMD窗口次序。


    问题:ERROR 1045 (28000): Access denied for user ‘root’@‘localhost’ (using password: NO)

    很久没用这台电脑的mysql了,今天需要连接数据库,启动数据库报错:
    ERROR 1045 (28000): Access denied for user ‘root’@‘localhost’ (using password: NO)
    在这里插入图片描述

    解决方法:

    查阅资料后知道了,应该使用已知的用户名和密码登陆

    mysql -u root -p

    然而密码忘了,试了好几遍终于试出来了:
    在这里插入图片描述
    然后修改成通用的密码,不乱折腾了:
    在这里插入图片描述
    发现很多教程都过时了,我的版本是Server version: 8.0.19 MySQL ,最新的方法:
    在这里插入图片描述

    mysql> use mysql;
    mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY '123';
    mysql> flush privileges;
    

    退出验证下看看有没有成功:
    在这里插入图片描述

    可以看到修改密码成功了。

    然后呢,我又假装密码忘了,把忘记密码的修改密码方法演示一下:

    第一步:关闭Mysql服务

    首先先停止mysql服务。可通过net stop mysql或者任务管理器中关闭。
    在这里插入图片描述
    管理员权限操作:(这是第一个窗口
    在这里插入图片描述

    第二步:跳过Mysql密码验证

    进入命令提示符(管理员登陆)操作,进入mysql目录中bin文件夹下,mysql8.0与其他版本不同的地方在于无法直接使用mysqld --skip-grant-tables来跳过密码登录。在这我们使用mysqld -console --skip-grant-tables --shared-memory来跳过权限验证。

    在这里插入图片描述
    输入执行后没有反馈,新开一个管理员窗口重新执行。(这是第二个窗口

    进入目录后,确保自己已经关闭了Mysql的服务:net stop mysql
    在这里插入图片描述
    关闭Mysql服务之后,继续在D:\mysql-8.0.19-winx64\bin目录下进行操作:
    输入

    mysqld --console --skip-grant-tables --shared-memory 
    

    在输入这行代码之后,如下显示,我们就已经成功跳过Mysql的密码登录了:
    在这里插入图片描述

    第三步:无密码方式进入Mysql

    在上述步骤之后,再打开一个管理员模式运行的cmd.exe (这是第三个窗口

    进入mysql下的bin目录后,直接登录mysql

    不需要通过net start mysql打开mysql服务

    在命令行中输入以下代码

    d:
    cd D:\mysql-8.0.19-winx64\bin(此处输入自己电脑上的安装目录)
    mysql -u root -p
    

    如图:
    在这里插入图片描述

    此时会显示让你输入密码,直接回车,就可以成功连接Mysql。
    在这里插入图片描述

    第四步:将登陆密码设置为空

    输入代码,将密码设置为空(此时还不能直接修改密码,必须先设置为空,否则会报错
    输入:

    use mysql; (使用mysql数据表)
    update user set authentication_string='' where user='root';(将密码置为空)
    quit; (然后退出Mysql)
    

    操作如图:
    在这里插入图片描述

    第五步:更改自己的登陆密码

    这里分为两个部分

    1.关闭前两个cmd窗口(一定要关闭!);

    2.在第三个窗口中输入代码;

    net stop mysql(关闭mysql服务,虽然会显示没有开启服务,但是以防万一)
    net start mysql(再打开mysql服务)
    

    (这里不要嫌麻烦,如果上一个mysql服务没关闭,我们依旧是无密码登陆)

    操作如图:
    在这里插入图片描述
    接着输入:

    cd D:\mysql-8.0.19-winx64\bin  (此处输入自己电脑上的安装目录)
    mysql -u root -p
    (此处会显示输入密码,直接回车就好了,第四步我们已经将他置为空了)
    ALTER USER 'root'@'localhost' IDENTIFIED BY 'root';(更改密码)
    

    如图:
    在这里插入图片描述

    最后一步:验证密码是否修改成功

    输入:

    quit(退出mysql)
    mysql -u root -p 
    (输入新密码,再次登录)
    

    图示:
    在这里插入图片描述
    成功!

    在这里插入图片描述

    展开全文
  • mysql 密码插件 validate_password

    千次阅读 2020-02-16 13:51:29
    os: centos 7.4 db: mysql 5.7.28 validate_password 是 mysql5.6以后可以引入的一个新密码校验插件, 管理用户密码长度、强度等。 版本 # cat /etc/centos-release CentOS Linux release 7.4....Enter password: We...

    os: centos 7.4
    db: mysql 5.7.28

    validate_password 是 mysql5.6以后可以引入的一个新密码校验插件, 管理用户密码长度、强度等。

    版本

    # cat /etc/centos-release
    CentOS Linux release 7.4.1708 (Core) 
    # 
    # mysql -u root -p
    Enter password: 
    Welcome to the MySQL monitor.  Commands end with ; or \g.
    Your MySQL connection id is 12
    Server version: 5.7.28 MySQL Community Server (GPL)
    
    Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
    
    Oracle is a registered trademark of Oracle Corporation and/or its
    affiliates. Other names may be trademarks of their respective
    owners.
    
    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
    
    mysql> select version();
    +-----------+
    | version() |
    +-----------+
    | 5.7.28    |
    +-----------+
    1 row in set (0.00 sec)
    
    mysql> 
    
    

    启用

    mysql 5.7 默认是安装启用 validate_password

    # ls -l /usr/lib64/mysql/plugin/vali*
    -rwxr-xr-x. 1 root root 209512 Sep 27 16:05 /usr/lib64/mysql/plugin/validate_password.so
    
    
    mysql> show plugins;
    +----------------------------+----------+--------------------+----------------------+---------+
    | Name                       | Status   | Type               | Library              | License |
    +----------------------------+----------+--------------------+----------------------+---------+
    | binlog                     | ACTIVE   | STORAGE ENGINE     | NULL                 | GPL     |
    | mysql_native_password      | ACTIVE   | AUTHENTICATION     | NULL                 | GPL     |
    | sha256_password            | ACTIVE   | AUTHENTICATION     | NULL                 | GPL     |
    | CSV                        | ACTIVE   | STORAGE ENGINE     | NULL                 | GPL     |
    | MEMORY                     | ACTIVE   | STORAGE ENGINE     | NULL                 | GPL     |
    | InnoDB                     | ACTIVE   | STORAGE ENGINE     | NULL                 | GPL     |
    | INNODB_TRX                 | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_LOCKS               | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_LOCK_WAITS          | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_CMP                 | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_CMP_RESET           | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_CMPMEM              | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_CMPMEM_RESET        | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_CMP_PER_INDEX       | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_CMP_PER_INDEX_RESET | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_BUFFER_PAGE         | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_BUFFER_PAGE_LRU     | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_BUFFER_POOL_STATS   | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_TEMP_TABLE_INFO     | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_METRICS             | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_FT_DEFAULT_STOPWORD | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_FT_DELETED          | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_FT_BEING_DELETED    | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_FT_CONFIG           | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_FT_INDEX_CACHE      | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_FT_INDEX_TABLE      | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_SYS_TABLES          | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_SYS_TABLESTATS      | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_SYS_INDEXES         | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_SYS_COLUMNS         | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_SYS_FIELDS          | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_SYS_FOREIGN         | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_SYS_FOREIGN_COLS    | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_SYS_TABLESPACES     | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_SYS_DATAFILES       | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | INNODB_SYS_VIRTUAL         | ACTIVE   | INFORMATION SCHEMA | NULL                 | GPL     |
    | MyISAM                     | ACTIVE   | STORAGE ENGINE     | NULL                 | GPL     |
    | MRG_MYISAM                 | ACTIVE   | STORAGE ENGINE     | NULL                 | GPL     |
    | PERFORMANCE_SCHEMA         | ACTIVE   | STORAGE ENGINE     | NULL                 | GPL     |
    | ARCHIVE                    | ACTIVE   | STORAGE ENGINE     | NULL                 | GPL     |
    | BLACKHOLE                  | ACTIVE   | STORAGE ENGINE     | NULL                 | GPL     |
    | FEDERATED                  | DISABLED | STORAGE ENGINE     | NULL                 | GPL     |
    | partition                  | ACTIVE   | STORAGE ENGINE     | NULL                 | GPL     |
    | ngram                      | ACTIVE   | FTPARSER           | NULL                 | GPL     |
    | validate_password          | ACTIVE   | VALIDATE PASSWORD  | validate_password.so | GPL     |
    +----------------------------+----------+--------------------+----------------------+---------+
    45 rows in set (0.00 sec)
    
    

    低版本可以自己手动安装

    mysql> install plugin validate_password soname 'validate_password.so';
    Query OK, 0 rows affected, 1 warning (0.07 sec)
    
    

    降低强度

    validate_password 默认的强度有点高,测试环境修改密码感觉比较麻烦,可以通过参数调整

    validate_password_policy
    这个参数用于控制validate_password的验证策略 0–>low 1–>MEDIUM 2–>strong。

    validate_password_length
    密码长度的最小值(这个值最小要是4)。

    validate_password_number_count
    密码中数字的最小个数。

    validate_password_mixed_case_count
    大小写的最小个数。

    validate_password_special_char_count
    特殊字符的最小个数。

    validate_password_dictionary_file
    字典文件

    # vi /etc/my.cnf
    
    validate_password_policy=0
    validate_password_length=4
    validate_password_number_count=0
    validate_password_mixed_case_count=0
    validate_password_special_char_count=0
    
    

    查看所有的validate_password相关的参数值

    mysql> show global variables like 'validate%';
    +--------------------------------------+-------+
    | Variable_name                        | Value |
    +--------------------------------------+-------+
    | validate_password_check_user_name    | OFF   |
    | validate_password_dictionary_file    |       |
    | validate_password_length             | 4     |
    | validate_password_mixed_case_count   | 0     |
    | validate_password_number_count       | 0     |
    | validate_password_policy             | LOW   |
    | validate_password_special_char_count | 0     |
    +--------------------------------------+-------+
    7 rows in set (0.01 sec)
    
    

    参考:
    https://dev.mysql.com/doc/refman/5.7/en/validate-password.html

    展开全文
  • Password Management: Hardcoded Password

    千次阅读 2020-01-15 09:29:28
    1、摘要 ... 2、解释 ...程序的字节码,他们可以使用javap-c命令访问反汇编代码,反汇编代码将包含 ...进行加密,使用时再解密操作(如果可以的话定义变量名尽量避开password,pwd。。。等有关密码名称)。
  • MySQL 密码参数配置与修改 validate_password场景通过root用户创建travel_agency数据库,目标是,新建一个用户然后对仅对该用户开放travel_agency数据库而非其他数据库过程创建对所有ip开放的用户sx CEATE USER 'xx'...
  • go php password_hash 加解密实现

    千次阅读 2022-04-12 15:15:56
    go 语言实现 php的 password_hash安全加密解密实现示例
  • mysql8 password函数

    千次阅读 2021-08-11 15:15:32
    在mysql8.0之后的版本中,password函数已被取消,加密方式不再使用mysql_native_password,换成了caching_sha2_password 原本的sql语句为: UPDATE user SET authentication_string=password("密码") WHERE user=...
  • 将type="password"中的password修改成为text修改完成后点击回车查看网页黑点密码,这个功能很好用哦用了这招,将小黑点变成直接显示密码!忘记密码也能立刻想起来了操 作 步 骤步骤一、全选密码后,右键点击检查步骤...
  • BUUCTF:password

    千次阅读 2020-11-05 21:39:19
    谁会想到flag是zs加19900315呢?
  • mysql 安装插件 validate_password

    千次阅读 2022-04-28 10:42:18
    在做等保的时候,数据库存在一个高风险漏洞,需要修改 二、MySQL数据库 1.无鉴别信息复杂度校验机制(高风险) 建议数据库所在数据库鉴别信息复杂度策略设置为:...validate_password_special_char_count 1,且未定期
  • redis:ERR AUTH <password> called without any password configured for the default user解决办法
  • ssh:Permission denied (publickey,password).

    千次阅读 2021-05-21 10:29:26
    Permission denied (publickey,password). 在密码正确的情况下也无法进行连接 解决方案 遇到这样的情况,如果不是密码错误,并且服务器上的sshd服务已经开启的情况下,需要进入到对应docker中,修改对应docker的...
  • 使用这个命令修改密码即可 echo 用户名|passwd --stdin 密码
  • Advanced Archive Password Recovery recovers passwords and removes protection from ZIP and RAR archives created with all versions of PKZip, WinZip, RAR and WinRAR in their GUI and command-line ...
  • MySQL修改用户的密码(SET PASSWORD)的例子摘要:本文讲的是MySQL修改用户的密码(SET PASSWORD)的例子, MySQL修改用户密码时使用SET PASSWORD命令,...SET PASSWORD = PASSWORD('some password')SET PASSWORD FOR...
  • 解决 remote: Support for password authentication was removed on August 13, 2021. Please use a personal access token instead.
  • MySQL开启密码插件(validate_password

    千次阅读 2021-12-07 17:15:07
    validate_password(密码插件) ...install plugin validate_password soname ‘validate_password.so’; 线上启动(MySQL服务已启动时用) plugin-load=validate_password.so 在配置文件下启动(在mysqld标
  • Mysql 解决 Your password has expired.

    千次阅读 2019-06-28 14:23:04
    直接给出解决方法 ...mysql -u root -p 然后在mysql命令行里 运行下面...ALTER USER `root`@`localhost` IDENTIFIED BY '你的密码', `root`@`localhost` PASSWORD EXPIRE NEVER; 方案来源:https://stackoverflow.c...
  • mysql 8.0 更新了加密方式plugin,mysql5用的是sha256_password加密方式,mysql8用的是caching_sha2_password的加密方式,所以导致mysql8连接时报错以及很多旧版本的navicat无法正常访问。 为了方便访问,创建一个...
  • mysql加密函数password

    千次阅读 2019-11-12 13:52:33
    SELECT PASSWORD('123456') UPDATE user SET authentication_string=PASSWORD('123456') WHERE user='root' 2.mysql8.0.11 移除了password()方法 https://dev.mysql.com/doc/refman/8.0/en/encrypt...
  • gitlab:Invalid Login or password.解决

    千次阅读 2022-01-06 09:15:01
    gitlab:Invalid Login or password.解决 昨天在公司实习,遇到的一个问题,学习视频的时候想下载源码,自己学习一下。结果注册了自己注册了gitlab的账目(通过github账号注册的),但是在这里无法登录。 解决: 后来...
  • mysql安装validate_password密码校验插件

    千次阅读 2021-02-25 17:51:04
    一、查询插件 1、登录mysql,查询已安装的插件:show plugins; 2、查询mysql插件目录位置...命令执行:install plugin validate_password soname 'validate_password.so'; 运行时注册插件。无需重启mysql 第二.
  • 这是码云的账号密码有问题,这时候我们要去码云重新确认一下密码,然后找到 把正确密码更新到这里。 这样就ok啦。
  • 连接报错'mysql_native_password'

    千次阅读 2021-01-19 20:00:16
    。。打开指令,进入mysql>,然后输入mysql>...就可以看见plugin(插件)格式被更新为caching_sha2_password,所以我们只需要改为旧版本mysql_native_password即可:ALTER USER '此处为user下的名字如...
  • password_hash和password_verify函数

    千次阅读 2018-10-21 21:08:41
    它包含4个函数:password_get_info()、password_hash()、password_needs_rehash()、password_verify()。 在PHP5.5之前,我们对于密码的加密可能更多的是采用md5或sha1之类的加密方式(没人像CS...
  • Advanced Archive Password Recovery

    万次阅读 2020-08-19 12:01:44
    今天给大家分享一款文件破解密码的工具:Advanced Archive Password Recovery 我录了教程,大家可以看看,我给大家提醒一下: 视频展示破解的是数字密码,其实也可以是混合密码,就是中英文混合,那么就要勾选前三个...
  • orapwd file=$ORACLE_HOME/dbs/orapw+实例名 password=oracle entries=5; orapwd file=$ORACLE_HOME/dbs/orapw+实例名 password=oracle format=12 force=y;
  • 1、mysql_native_password 执行本地身份验证的插件;在MySQL中引入可插入身份验证之前使用的基于密码哈希方法的身份验证。该mysql_native_password插件基于本机密码哈希方法实现身份验证。该mysql_old_password ...
  • 目录一、问题描述二、解决方法 一、问题描述 在 application.yml 中配置 Redis 连接...编译时报错 RedisCommandExecutionException: WRONGPASS invalid username-password pair: Caused by: io.lettuce.core.Redis

空空如也

空空如也

1 2 3 4 5 ... 20
收藏数 2,867,033
精华内容 1,146,813
关键字:

password