23.4. Checking Password Strength
Problem
You want to assign or change a password but verify first that it's not weak.
Solution
Use the VALIDATE_PASSWORD_STRENGTH() function.
Discussion
The validate_password plug-in not only implements policy for new passwords, it provides a SQL function, VALIDATE_PASSWORD_STRENGTH(), that enables strength testing of prospective passwords. Uses for this function include:
• An administrator wants to check passwords to be assigned to new accounts.
• An individual user wants to choose a new password but seeks assurance in advance of how strong it is.
To use VALIDATE_PASSWORD_STRENGTH(), the validate_password plug-in must be enabled. For plug-in installation instructions, see Recipe 22.2.
VALIDATE_PASSWORD_STRENGTH() returns a value from 0 (weak) to 100 (strong):
mysql> SELECT VALIDATE_PASSWORD_STRENGTH('abc');
+-----------------------------------+
| VALIDATE_PASSWORD_STRENGTH('abc') |
+-----------------------------------+
|                                 0 |
+-----------------------------------+
mysql> SELECT VALIDATE_PASSWORD_STRENGTH('weak-password');
+---------------------------------------------+
| VALIDATE_PASSWORD_STRENGTH('weak-password') |
+---------------------------------------------+
|                                          50 |
+---------------------------------------------+
mysql> SELECT VALIDATE_PASSWORD_STRENGTH('Str0ng-Pa33w@rd');
+-----------------------------------------------+
| VALIDATE_PASSWORD_STRENGTH('Str0ng-Pa33w@rd') |
+-----------------------------------------------+
|                                           100 |
+-----------------------------------------------+
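
One way to turn the score into a pass/fail gate that a provisioning script can call before it assigns a password, added here as an example (it is not code from the original recipe). The procedure name, its parameters, and the threshold of 75 are assumptions chosen for illustration.

```sql
-- Added example: the procedure and parameter names are hypothetical.
-- Requires the validate_password plug-in to be enabled.
DELIMITER $$

CREATE PROCEDURE require_password_strength(
  IN p_password  VARCHAR(255),  -- prospective password to test
  IN p_min_score INT            -- lowest acceptable score, 0 to 100
)
BEGIN
  DECLARE v_score INT;
  DECLARE v_msg   VARCHAR(128);

  SET v_score = VALIDATE_PASSWORD_STRENGTH(p_password);

  -- Fail closed: a NULL score or a NULL threshold is treated as a
  -- rejection, because a comparison with NULL is never true.
  IF v_score IS NULL OR p_min_score IS NULL OR v_score < p_min_score THEN
    -- The message reports the scores only, never the password itself,
    -- so the candidate does not end up in client output or error logs.
    SET v_msg = CONCAT('Password rejected: strength ',
                       IFNULL(v_score, 'unknown'),
                       ', required ',
                       IFNULL(p_min_score, 'unset'));
    SIGNAL SQLSTATE '45000' SET MESSAGE_TEXT = v_msg;
  END IF;
END$$

DELIMITER ;

-- Sample passwords taken from the output above; 75 is an assumed threshold.
CALL require_password_strength('weak-password', 75);
CALL require_password_strength('Str0ng-Pa33w@rd', 75);
```

Going by the scores shown above, the first call fails with the rejection message and the second returns without error.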