We have had in Debian/Ubuntu since late 2015 unix socket authentication by default on new MariaDB installations (see
Now in 10.3 it is time to start do this in upstream MariaDB globally.
Via Debian we have already experience that this works well in many environments and use cases. There is a Windows equivalent for unix socket auth is called auth_namepipe and has been tested to work already in 2015.
The remaining question is whether to have this as-is in upstream now or should we wait until we have automatic fallback to password if the unix_socket did not match (support for multiple authentication plugins).
The Debian sources can be found here: https://anonscm.debian.org/cgit/pkg-mysql/mariadb-10.1.git/tree/debian
Note the recent rewrite by Kristian, which has been upstreamed so the capability is already in upstream: https://anonscm.debian.org/cgit/pkg-mysql/mariadb-10.1.git/commit/debian/patches?id=87c1d427f66c0f351019b3a23c3b1de1089b4170