[MDEV-34311] ALTER USER should reset password errors counters - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 10.6.19
Component/s: Authentication and Privilege System
Labels:
None

Description

Currently once a user is "blocked" because of hitting wrong password attempts limit, it is impossible to unblock it except by running a FLUSH PRIVILEGES command.

This is also apparent in the error message.
eng "User is blocked because of too many credential errors; unblock with 'FLUSH PRIVILEGES'"

FLUSH PRIVILEGES is an outdated command, typically used when manual ACL tables were modified. It causes heavy disk reads of all ACL tables. There should be a less heavyweight way of reseting user limits.

The proposed solution, as agreed with serg and monty is to make any ALTER USER command reset those counters.

This means that ALTER USER foo ACCOUNT UNLOCK can be used to reset account limit counters without actually affecting the user. A user could not have reached max wrong password attempts if the account was locked in the first place.

Attachments

Issue Links

relates to: DOCS-5477 Loading...

Activity

People

Assignee:: Vicențiu Ciorbaru

Reporter:: Vicențiu Ciorbaru

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 2024-06-05 19:05

Updated:: 2024-09-18 16:06

Resolved:: 2024-06-20 06:59

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.