How to Change MySQL Password Policy Level

Written by Rahul

The latest MySQL servers come with a validate password plugin. This plugin configures a password policy to make server MySQL more secure.

While changing the password, I got the error: ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

Follow below tutorial to change password policy level for MySQL. Alternatively, you can also use this tutorial to remove the password policy plugin.

Change MySQL Password Policy

To change the default password policy level, we can change the settings at runtime using the command line or in the config file (my.cnf/mysqld.cnf) permanently.

mysql> SHOW VARIABLES LIKE 'validate_password%';

+--------------------------------------+--------+
| Variable_name                        | Value  |
+--------------------------------------+--------+
| validate_password_check_user_name    | OFF    |
| validate_password_dictionary_file    |        |
| validate_password_length             | 8      |
| validate_password_mixed_case_count   | 1      |
| validate_password_number_count       | 1      |
| validate_password_policy             | MEDIUM |
| validate_password_special_char_count | 1      |
+--------------------------------------+--------+
7 rows in set (0.06 sec)

mysql> SHOW VARIABLES LIKE 'validate_password%';

+--------------------------------------+--------+

| Variable_name | Value |

+--------------------------------------+--------+

| validate_password_check_user_name | OFF |

| validate_password_dictionary_file | |

| validate_password_length | 8 |

| validate_password_mixed_case_count | 1 |

| validate_password_number_count | 1 |

| validate_password_policy | MEDIUM |

| validate_password_special_char_count | 1 |

+--------------------------------------+--------+

7 rows in set (0.06 sec)

The default level is MEDIUM, we can change it to LOW by using the below query. The LOW level required only password’s length to min 8 characters.

mysql> SET GLOBAL validate_password_policy=LOW;

Query OK, 0 rows affected (0.02 sec)

mysql> SET GLOBAL validate_password_policy=LOW;

Query OK, 0 rows affected (0.02 sec)

To make this setting permanent edit MySQL configuration (my.cnf) file and add below settings.

[mysqld]
validate_password_policy=LOW

Save the file and restart the MySQL service to apply changes.

Rahul

I, Rahul Kumar am the founder and chief editor of TecAdmin.net. I am a Red Hat Certified Engineer (RHCE) and working as an IT professional since 2009..

7 Comments

Gabriel Vila Real Reply to Gabriel
May 25, 2020 at 7:42 pm
Thank you for this useful tip!
I used to have the root user with a blank password on my development environment. I need to set the full set of validation variables password on mysqld.cnf to it works again. On mysqld.cnf now I have:
validate_password.check_user_name=OFF
validate_password.dictionary_file=
validate_password.length=0
validate_password.mixed_case_count=0
validate_password.number_count=0
validate_password.policy=LOW
validate_password.special_char_count=0
Frank Reply to Frank
December 20, 2019 at 11:30 pm
Hi there,
thanks for direction, there is a typo, you have:
mysql> SET GLOBAL validate_password_policy=LOW;
it should be:
mysql> SET GLOBAL validate_password.policy=LOW;
(as visible from command:)
SHOW VARIABLES LIKE ‘validate_password%’;
All the best,
- David Reply to David
  May 25, 2020 at 10:18 pm
  Thank you Frank. You saved my time and effort on this issue
TY Reply to TY
December 15, 2019 at 5:11 pm
The permanent edit:
[mysqld]
validate_password_policy=LOW
crashed my MySQL server.
I am on 5.7.28, Ubuntu 18.04
- Henrique Reply to Henrique
  December 20, 2019 at 7:28 pm
  Try this instead:
  [mysqld]
  validate_password.policy=LOW
  - hicall Reply to hicall
    December 30, 2019 at 10:29 am
    thanks brow, work it on mysql v8
Jonathan Reply to Jonathan
April 16, 2019 at 3:03 am
Thankyou, very useful since I accidentally set my policy to STRONG by mistake.

Change MySQL Password Policy

Rahul

7 Comments

Leave a Reply