Your password does not satisfy the current policy requirements
Asked Answered
B

26

311

I want to create a new user in MySQL with the syntax:

create user 'demo'@'localhost' identified by 'password';

But it returns an error:

Your password does not satisfy the current policy requirements.

I have tried many passwords but they don't work. How can I fix this?

Bakemeier answered 29/3, 2017 at 13:19 Comment(6)
Set the password policy level lower. Take a look here: dev.mysql.com/doc/refman/5.6/en/…Diandre
What's you password policy set up as? You can check the variables that have been set up for your password validation module using SHOW VARIABLES LIKE 'validate_password%'Mcdaniel
Thanks! I set the password policy level lower and it works.Bakemeier
I solved my problem using UNINSTALL COMPONENT 'file://component_validate_password';Mayers
@Bakemeier This is happening because the password that you are providing for the user is not strong enough as per your validate_password.policy. Instead of 'password' enter a strong password that you want. Ironically everyone suggested you to change the validate_password.policy levelChinachinaberry
@SandeepGahlawat a less secure password is probably OK if you are creating a dummy database purely for test and development purposes on your own physical dev machine. (Though my instinct is still to use a more secure password.)Thruway
P
549

Because of your password. You can see password validate configuration metrics using the following query in MySQL client:

SHOW VARIABLES LIKE 'validate_password%';

The output should be something like that :

+--------------------------------------+-------+
| Variable_name                        | Value |
+--------------------------------------+-------+
| validate_password.check_user_name    | ON    |
| validate_password.dictionary_file    |       |
| validate_password.length             | 6     |
| validate_password.mixed_case_count   | 1     |
| validate_password.number_count       | 1     |
| validate_password.policy             | LOW   |
| validate_password.special_char_count | 1     |
+--------------------------------------+-------+

then you can set the password policy level lower, for example:

SET GLOBAL validate_password.length = 6;
SET GLOBAL validate_password.number_count = 0;

Check the MySQL Documentation.

Pendragon answered 29/3, 2017 at 13:25 Comment(15)
You should cite the official MySQL documentation, not a YouTube video.Slumlord
Use following command to use 'password' as Password for development machine: SET GLOBAL validate_password_policy = 0;Commandment
SET GLOBAL validate_password.length = 6; SET GLOBAL validate_password.number_count = 0; uPDATED!!Courtund
it's just rather SET GLOBAL validate_password.policy = 0;Cloistral
This was helpful because it actually showed me why my 30-character long password was "weak" (no special character). I was able to remove the special character requirement and increase the minimum length from 8 to 20.Glutton
@Cloistral you need change the . to _Doehne
SET GLOBAL validate_password.length = 6; SET GLOBAL validate_password.number_count = 0; Should beAnnemarie
in my case (mysql 8) it was: SET GLOBAL validate_password.policy = LOW;Psychoneurotic
The state SET GLOBAL can only work under the root user. if you execute with another admin user, it might fail you with surface success hint.Bricklaying
You should probably give some instructions on making it permanent.Grandpapa
The following link gives more information about the evaluation criteria used by the plugin that checks the entered password. dev.mysql.com/doc/refman/5.7/en/validate-password.htmlRoentgenology
Please also run FLUSH PRIVILEGES; after running above commands or it won't work.Ruiz
Why not just set a password that matches the security level rather than lower security or mess with editing files? All the information for meeting the requirements are shown in the table.Coad
@MarkLee I even tried a very strong password with numbers, special char and 20 chars but it still complains.Government
ERROR 1193 (HY000): Unknown system variable 'validate_password_policy'Noles
M
101

If you don't care what the password policy is. You can set it to LOW by issuing below mysql command:

mysql> SET GLOBAL validate_password.length = 4;
mysql> SET GLOBAL validate_password.policy=LOW;
Micrography answered 7/9, 2018 at 5:55 Comment(5)
should be SET GLOBAL validate_password.policy=LOW; insteadCorbicula
For MySQL 8, the property has changed from "validate_password_policy" to "validate_password.policy. For lower versions it is still "validate_password_policy"Micrography
mysql> SET GLOBAL validate_password_policy=LOW; It's working for me.Ursulina
You should really have left it as it was for mysql7, and qualify that from mysq8 it has changed to what have been recommended by songyyGuib
MEDIUM instead of LOWVanadous
F
94

NOTE: This might not be a secure solution. But if you are working on a test environment, just need a quick fix and doesn't even care about the security settings. This is a quick solution.

The same issue happened to me when I ran "mysql_secure_installation" and modified password security level to 'medium'.

I bypassed the error by running the followings:

mysql -h localhost -u root -p
mysql>uninstall plugin validate_password;

make sure you reinstall the plugin "validate_password" if necessary.

Filth answered 26/6, 2017 at 0:35 Comment(3)
Terrible solution. You should lower the level to what suits you, not remove the entire facility.Slumlord
thanks for posting. quick and dirty fix. just like what @Filth says: make sure you reinstall the plugin "validate_password"Huntley
@Slumlord What's wrong with having no password on mysql on a development machine? Unless you store something valuable there (in mysql). Disabling validation is even less severe than having no password.Grandpapa
K
43

For MySQL 8 you can use the following script:

SET GLOBAL validate_password.LENGTH = 4;
SET GLOBAL validate_password.policy = 0;
SET GLOBAL validate_password.mixed_case_count = 0;
SET GLOBAL validate_password.number_count = 0;
SET GLOBAL validate_password.special_char_count = 0;
SET GLOBAL validate_password.check_user_name = 0;
ALTER USER 'user'@'localhost' IDENTIFIED BY 'pass';
FLUSH PRIVILEGES;
Kerstin answered 19/9, 2019 at 8:44 Comment(0)
G
40

For MySQL 8*

SET GLOBAL validate_password.policy=LOW

Reference Link to explain about policy - Click Here

Godwit answered 29/10, 2018 at 9:51 Comment(0)
S
25

After running the command sudo mysql_secure_installation.

  1. Run sudo mysql to enter into the mysql prompt.
  2. Run this SELECT user,authentication_string,plugin,host FROM mysql.user; to check for user root to have as plugin auth_socket.
  3. Then do run uninstall plugin validate_password; to drop priviledges before running this ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';Be sure to change password to a strong password.

NOTE: check out this link https://www.digitalocean.com/community/tutorials/how-to-install-mysql-on-ubuntu-18-04 for more help

Stacy answered 27/6, 2018 at 13:34 Comment(0)
S
15

You have to change MySQL password policy to LOW.

login as root

mysql -u root -p

change policy

SET GLOBAL validate_password.policy=LOW;

or

SET GLOBAL validate_password.policy=0;

exit

exit

restart MySQL service

sudo service mysql restart

You have to change the MySQL password policy to Low = 0 / Medium = 1 / High = 2.

SET GLOBAL validate_password.policy=0;
SET GLOBAL validate_password.policy=1;    
SET GLOBAL validate_password.policy=2;
Shedevil answered 9/9, 2019 at 9:15 Comment(0)
D
13

In my opinion setting the "validate_password_policy" to "low" or uninstalling the "validate password plugin" is not the right thing to do. You must never compromise with security of your database (unless you don't really care). I am wondering why people are even suggesting these options when you simply can pick a good password.

To overcome this problem, I executed following command in mysql: SHOW VARIABLES LIKE 'validate_password%' as suggested by @JNevill. My "validate_password_policy" was set to Medium, along with other things. Here is the screenshot of its execution: Validate Password Policy

The result is self explanatory. For a valid password (when Password policy is set to medium):

  • Password must be at least 8 characters long
  • Mixed case count is 1 (At least 1 letter in small and 1 letter in caps)
  • Number count is 1
  • Minimum special Character count is 1

So a valid password must obey the policy. Examples of valid password for above rules maybe:

  • Student123@
  • NINZAcoder$100
  • demoPass#00

You can pick any combination as long as it satisfies the policy.

For other "validate_password_policy" you can simply look the values for different options and pick your password accordingly (I haven't tried for "STRONG").

https://dev.mysql.com/doc/refman/5.6/en/validate-password-options-variables.html

Dracaena answered 21/5, 2019 at 5:45 Comment(4)
It's STRONG for the top password policy.Zoster
I also don't understand people suggesting to downgrade validate_password_policy to LOW. Users can perfectly create or generate a strong password fulfilling the requirement. If you are not sure how to do, use a tool for that. For example github.com/joseluisq/rpasswdClarion
the policy is not explained. So you're just guessing what it is. in my case, I'm generating a random set of characters and no matter how wild it is 'it doesn't meet requirements'Lithe
I tried to install phpmyadmin. I set the policy to medium and my password satisfied the policy(I just triple checked). It still threw the same error. Even when it was supposed to generate a random one by itself ("if left blank").Megalomania
D
13
SHOW VARIABLES LIKE 'validate_password%';

mysql> SET GLOBAL validate_password.length = 6;
mysql> SET GLOBAL validate_password.number_count = 0;
mysql> SET GLOBAL validate_password.policy=LOW;
SHOW VARIABLES LIKE 'validate_password%';

Donavon answered 20/5, 2020 at 11:35 Comment(0)
H
7

If you trying to set a blank password. Then running the following query in MySQL client:

SET GLOBAL validate_password.check_user_name = No;
SET GLOBAL validate_password.dictionary_file = '';
SET GLOBAL validate_password.length = 0;
SET GLOBAL validate_password.mixed_case_count = 0;
SET GLOBAL validate_password.number_count = 0;
SET GLOBAL validate_password.policy = LOW;
SET GLOBAL validate_password.special_char_count = 0;

The output should be something like that :

    SHOW VARIABLES LIKE 'validate_password%';

+--------------------------------------+-------+
| Variable_name                        | Value |
+--------------------------------------+-------+
| validate_password.check_user_name    | ON    |
| validate_password.dictionary_file    |       |
| validate_password.length             | 0     |
| validate_password.mixed_case_count   | 0     |
| validate_password.number_count       | 0     |
| validate_password.policy             | LOW   |
| validate_password.special_char_count | 0     |
+--------------------------------------+-------+

Then you can update your blank password using this query:

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '';
Hessenassau answered 14/2, 2022 at 9:41 Comment(0)
G
6

Step 1: check your default authentication plugin

SHOW VARIABLES LIKE 'default_authentication_plugin';

Step 2: veryfing your password validation requirements

SHOW VARIABLES LIKE 'validate_password%';

Step 3: setting up your user with correct password requirements

CREATE USER '<your_user>'@'localhost' IDENTIFIED WITH '<your_default_auth_plugin>' BY 'password';
Gant answered 2/8, 2018 at 7:17 Comment(0)
G
4

This is a bug in phpmyadmin. Start mysql with

sudo mysql -p

Then execute this command:

SET GLOBAL validate_password.policy = 0;

Now you can change your password. If you like you can reset it after it:

SET GLOBAL validate_password.policy = MEDIUM;

(You can use LOW, MEDIUM or HIGH)

Then execute exit to close mysql.

Solution found here.

Government answered 9/6, 2022 at 10:16 Comment(0)
A
3

I had the same Problem and the Answer is just Right in front of you, remember when you ran the script while installing mysql like

sudo mysql_secure_installation

there somewhere you chose which password type would you like to chose

There are three levels of password validation policy:

LOW Length >= 8 MEDIUM Length >= 8, numeric, mixed case, and special characters STRONG Length >= 8, numeric, mixed case, special characters and dictionary file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG:

you have to give a password to same policy

here are some sample examples for your passwords:
for type 0: abcdabcd
for type 1: abcd1234
for type 2: ancd@1234

Airing answered 14/3, 2019 at 9:15 Comment(1)
In MySQL 8 there's no such option.Shaitan
J
3

For Laravel users having this issue with MySQL 8.0.x, add

'modes'=> [
             'ONLY_FULL_GROUP_BY',
             'STRICT_TRANS_TABLES',
             'NO_ZERO_IN_DATE',
             'NO_ZERO_DATE',
             'ERROR_FOR_DIVISION_BY_ZERO',
             'NO_ENGINE_SUBSTITUTION',
            ],

to your database.php file as below:

// database.php

    'connections' => [

        'mysql' => [
            'driver'      => 'mysql',
            'host'        => env( 'DB_HOST', '127.0.0.1' ),
            'port'        => env( 'DB_PORT', '3306' ),
            'database'    => env( 'DB_DATABASE', 'forge' ),
            'username'    => env( 'DB_USERNAME', 'forge' ),
            'password'    => env( 'DB_PASSWORD', '' ),
            'unix_socket' => env( 'DB_SOCKET', '' ),
            'charset'     => 'utf8mb4',
            'collation'   => 'utf8mb4_unicode_ci',
            'prefix'      => '',
            'strict'      => true,
            'engine'      => null,
            'modes'       => [
                'ONLY_FULL_GROUP_BY',
                'STRICT_TRANS_TABLES',
                'NO_ZERO_IN_DATE',
                'NO_ZERO_DATE',
                'ERROR_FOR_DIVISION_BY_ZERO',
                'NO_ENGINE_SUBSTITUTION',
            ],
        ],
    ],

It fixed it for me.

Jeramey answered 24/7, 2019 at 16:3 Comment(0)
M
2

The problem is that your password wont match the password validation rules. You can simple follow below steps to solve your problem.

You can simply see password validation configuration matrix by typing below code.

mysql-> SHOW VARIABLES LIKE 'validate_password%';

Then in your matrix you can find below variables with corresponding values and in there you have to check validate_password_length , validate_password_number_count and validate_password_policy.

Check the values used for those variables. Make sure your validate_password_length should not be greater than 6. You can set that to 6 by using below code.

SET GLOBAL validate_password_length = 6;

And after that you need to set validate_password_number_count to 0. Do it by using below code.

SET GLOBAL validate_password_number_count = 0;

Finally you have to set you validate_password_policy to low. Having that as Medium or High wont allow your less secure passwords. Set that to low by below code.

SET GLOBAL validate_password_policy=LOW;
Marcelinomarcell answered 28/8, 2019 at 7:26 Comment(0)
K
1

Set password that satisfies 7 MySql validation rules

eg:- d_VX>N("xn_BrD2y

Making validation criteria bit more simple will solve the issue

SET GLOBAL validate_password_length = 6;
SET GLOBAL validate_password_number_count = 0;

But recommended a Strong password is a correct solution

Kenwrick answered 24/1, 2020 at 8:21 Comment(0)
C
1
mysql> SET GLOBAL validate_password.policy = 0;
Cascade answered 12/5, 2020 at 8:15 Comment(1)
While this code may resolve the OP's issue, it is best to include an explanation as to how your code addresses the OP's issue. In this way, future visitors can learn from your post, and apply it to their own code. SO is not a coding service, but a resource for knowledge. Also, high quality, complete answers are more likely to be upvoted. These features, along with the requirement that all posts are self-contained, are some of the strengths of SO as a platform, that differentiates it from forums. You can edit to add additional info &/or to supplement your explanations with source documentation.Pangermanism
H
1

If the mysql is hosted on aws , just uninstall the plugin. From the root user fire below

UNINSTALL PLUGIN validate_password;
Hecht answered 14/10, 2020 at 12:46 Comment(0)
S
1

In my case, the error comes up when there is a wrong quote:

GRANT ALL ON database_name.* TO ‘user1’@'8.10.12.2'; (wrong single quote around user name)

vs

GRANT ALL ON database_name.* TO 'user1'@'8.10.12.2'; (correct)

Seamanlike answered 5/1, 2023 at 22:55 Comment(0)
A
1
mysql -u root -p

type your password and hit enter And in Myqsl terminal type

SHOW VARIABLES LIKE 'validate_password%';

you'll see a table containing password validation data like this

+--------------------------------------+--------+
| Variable_name                        | Value  |
+--------------------------------------+--------+
| validate_password.check_user_name    | ON     |
| validate_password.dictionary_file    |        |
| validate_password.length             | 8      |
| validate_password.mixed_case_count   | 1      |
| validate_password.number_count       | 1      |
| validate_password.policy             | MEDIUM |
| validate_password.special_char_count | 1      |
+--------------------------------------+--------+

Then copy paste this query

SET GLOBAL validate_password.policy=LOW;SET GLOBAL validate_password.length=0;SET GLOBAL validate_password.mixed_case_count=0;SET GLOBAL validate_password.number_count=0;SET GLOBAL validate_password.special_char_count=0;

Now your table should look like this

+--------------------------------------+-------+
| Variable_name                        | Value |
+--------------------------------------+-------+
| validate_password.check_user_name    | ON    |
| validate_password.dictionary_file    |       |
| validate_password.length             | 0     |
| validate_password.mixed_case_count   | 0     |
| validate_password.number_count       | 0     |
| validate_password.policy             | LOW   |
| validate_password.special_char_count | 0     |
+--------------------------------------+-------+

If it does not look like that write query individually syntax:

SET GLOBAL validate_password.<validator_name>=<value>;

Then exit mysql and type this command to change the password of your root

$(brew --prefix mysql)/bin/mysqladmin -u root -p password ""

(please include $)

It will ask you to type the current password enter it.

And what yo password is removed 🎉

Anatropous answered 28/4, 2023 at 12:0 Comment(0)
V
1

#password must include small-letters,at least one Capital letter,one Character and Numbers

e.g create user 'username'@'localhost' identified by 'user_Name@123';

Vociferant answered 15/2, 2024 at 17:1 Comment(0)
D
0

This error message has nothing to do with the stored password in your table. It also occures if you type (on SQL console)

"select password('123456789')"

or if

"select password('A123456789')"

or if

"select password('A!123456789')"

If you type

"select password('A!a123456789')"

then it will work. Just use big + small letters, special chars and numbers to create your password.

You can disable these checks in my.cnf, but then you will have a security risk!

in [mysqld] add:

validate_password_policy=LOW
validate_password_special_char_count=0
validate_password_length=0
validate_password_mixed_case_count=0
validate_password_number_count=0
Duenas answered 18/2, 2019 at 15:46 Comment(0)
C
0

didn't work for me on ubuntu fresh install of mysqld, had to add this: to /etc/mysql/mysql.conf.d/mysqld.cnf or the server wouldn't start (guess the plugin didn't load at the right time when I simply added it without the plugin-load-add directive)

plugin-load-add=validate_password.so
validate_password_policy=LOW
validate_password_length=8
validate_password_mixed_case_count=0
validate_password_number_count=0
validate_password_special_char_count=0
Cantatrice answered 17/10, 2019 at 12:14 Comment(0)
H
0

There are some moments where finding a quick solution is great. But if you can avoid lowing passwords restrictions, it can keep you from having big headache in future.

Next link is from the official documentation https://dev.mysql.com/doc/refman/5.6/en/validate-password.html, where they expose an example exactly like your one, and they solve it.

The only one problem you have is that your password is not strong enough to satisfy the actual minimum policy (not recommended to remove). So you can try different passwords as you can see in the example.

Histogenesis answered 12/5, 2020 at 8:35 Comment(0)
P
0

this information is important to all answers above : When you restart mysql server all policy config will be RESET and will be LOST, so to make your policy configuration PERSISTENT, you should follow these instructions: (tested on ubuntu server version 20.10)
  1. After Applying these changes with mysql Hung Nguyen answer
  2. sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
  3. add this last line:
[mysqld]
#
# * Basic Settings
#
..
..
..
validate_password.policy = LOW   # <== this line
..
..
# IMPORTANT notes: 
# - you can add more policy commands each by your needs.
# - notice the "." before "policy" , in some mysql versions is "_" , so be aware of that.
  1. Save the file and restart mysql server: sudo service mysql restart

  2. Connect and check the persistence of your configuration:
    sudo mysql -u your_username -p
    show variables like "validate_pass%";
    result should be like this one:

+--------------------------------------+-------+
| Variable_name                        | Value |
+--------------------------------------+-------+
| validate_password.check_user_name    | ON    |
| validate_password.dictionary_file    |       |
| validate_password.length             | 6     |
| validate_password.mixed_case_count   | 1     |
| validate_password.number_count       | 0     |
| validate_password.policy             | LOW   |
| validate_password.special_char_count | 1     |
+--------------------------------------+-------+

I hope this can help people.

Edit: thanks to @ahmednawazbutt: don't forget to FLUSH PRIVILEGES;

Phototype answered 3/6, 2021 at 10:1 Comment(1)
dont forget to FLUSH PRIVILEGES; after thatConfabulation
P
0

The best option is to just go through your password policy and set a password accordingly. You can check the value of your existing Password Validation Plugin System Variables by running the below command

mysql> SHOW VARIABLES LIKE 'validate_password%';

It's never a good practice to reduce your security policies by manipulating the system variables.

You can read about the details of each variable and its use case from the official documentation, links for reference MySQL 5.6 MySQL 5.7 MySQL 8.0

Pyrone answered 8/11, 2021 at 14:4 Comment(0)

© 2022 - 2025 — McMap. All rights reserved.