Details
Blocker Description
Currently simple_password_check and password_reuse_check shows same error message if the query does not satisfy the plugin policy. I think we should separate the error message on the basis of failure.
simple_password_check password validation
10.7.0-opt>SET PASSWORD FOR user_name@localhost = PASSWORD('test@123');
|
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
|
10.7.0-opt>
|
10.7.0-opt>UNINSTALL SONAME 'simple_password_check';
|
Query OK, 0 rows affected (0.005 sec)
|
password_reuse_check password validation
10.7.0-opt>SET PASSWORD FOR user_name@localhost = PASSWORD('test@123');
|
Query OK, 0 rows affected (0.011 sec)
|
|
|
10.7.0-opt>SET PASSWORD FOR user_name@localhost = PASSWORD('test@123');
|
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
|
10.7.0-opt>
|
Similarly ALTER USER also shows different error message.
10.7.0-opt>alter user user_name@localhost identified by 'test_pwd2';
|
ERROR 1396 (HY000): Operation ALTER USER failed for 'user_name'@'localhost'
|
10.7.0-opt>
|
10.7.0-opt>show warnings;
|
+-------+------+----------------------------------------------------------------+
|
| Level | Code | Message |
|
+-------+------+----------------------------------------------------------------+
|
| Error | 1819 | Your password does not satisfy the current policy requirements |
|
| Error | 1396 | Operation ALTER USER failed for 'user_name'@'localhost' |
|
+-------+------+----------------------------------------------------------------+
|
2 rows in set (0.000 sec)
|
|
|
10.7.0-opt>
|
Attachments
Issue Links
- is caused by
-
MDEV-9245 password "reuse prevention" validation plugin
-
- Closed
-