[MDEV-24965] With ALTER USER ...IDENTIFIED BY command, password isn't replaced by asterisks in audit log
Created: 2021-02-24  Updated: 2023-11-27  Resolved: 2021-02-26

Status: Closed
Project: MariaDB Server
Component/s: Plugin - Audit
Affects Version/s: 10.3, 10.4, 10.5
Fix Version/s: 10.3.29, 10.4.19, 10.5.10

Type: Bug
Priority: Critical
Reporter: Nilnandan Joshi
Assignee: Alexey Botchkov
Resolution: Fixed
Votes: 0
Labels: None


Description

With the ALTER USER ...IDENTIFIED BY command, the password isn't replaced by asterisks in the MariaDB audit log.

MariaDB [(none)]> GRANT ALL ON test.* TO test1@'%' IDENTIFIED BY 'Test@123';
Query OK, 0 rows affected (0.003 sec)
 
MariaDB [(none)]> SET PASSWORD FOR test1@'%' = password('Test@123');
Query OK, 0 rows affected (0.003 sec)
 
MariaDB [(none)]> ALTER USER test1@'%' IDENTIFIED BY 'Test@123';
Query OK, 0 rows affected (0.003 sec)
 
20210219 08:43:31,localhost.localdomain,root,localhost,8,10,QUERY,,'GRANT ALL ON test.* TO test1@\'%\' IDENTIFIED BY *****',0
20210219 08:44:35,localhost.localdomain,root,localhost,8,11,WRITE,mysql,global_priv,
20210219 08:44:35,localhost.localdomain,root,localhost,8,11,QUERY,,'SET PASSWORD FOR test1@\'%\' = password(*****)',0
20210219 08:45:04,localhost.localdomain,root,localhost,8,13,WRITE,mysql,global_priv,
20210219 08:45:04,localhost.localdomain,root,localhost,8,13,QUERY,,'ALTER USER test1@\'%\' IDENTIFIED BY \'Test@123\'',0
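
An added example, not part of the original report or MariaDB's code: a Python check that scans audit records in the format shown above for QUERY entries where a quoted password literal follows IDENTIFIED BY or PASSWORD( instead of *****, and reports them with the literal masked. The field layout and backslash quoting are assumed from the lines in this report; the function names are hypothetical.

```python
import re

# A password given as a quoted literal instead of the masked "*****".
# IDENTIFIED BY PASSWORD '<hash>' is not matched: no quote directly follows BY.
LEAK = re.compile(r"(IDENTIFIED\s+BY\s+|PASSWORD\s*\(\s*)(['\"]).*?\2", re.I | re.S)

def parse_audit_line(line):
    """Split one audit record; returns None for lines that do not fit the layout."""
    parts = line.rstrip("\n").split(",", 8)
    if len(parts) < 9:
        return None
    # The query may contain commas, so the return code is taken from the right.
    obj, _, retcode = parts[8].rpartition(",")
    if len(obj) >= 2 and obj[0] == "'" and obj[-1] == "'":
        # Assumed quoting, as in the report: '...' with inner quotes written as \'
        obj = re.sub(r"\\(.)", r"\1", obj[1:-1], flags=re.S)
    return {"time": parts[0], "user": parts[2], "query_id": parts[5],
            "operation": parts[6], "object": obj, "retcode": retcode}

def find_unmasked(lines):
    """Return (time, user, query_id, masked_query) for each leaking QUERY record."""
    hits = []
    for line in lines:
        rec = parse_audit_line(line)
        if rec is None or rec["operation"] != "QUERY":
            continue
        # Mask the literal so the scanner's own output does not repeat it.
        masked, count = LEAK.subn(r"\1*****", rec["object"])
        if count:
            hits.append((rec["time"], rec["user"], rec["query_id"], masked))
    return hits

# Records taken from the report above.
SAMPLE = [
    r"20210219 08:43:31,localhost.localdomain,root,localhost,8,10,QUERY,,'GRANT ALL ON test.* TO test1@\'%\' IDENTIFIED BY *****',0",
    r"20210219 08:44:35,localhost.localdomain,root,localhost,8,11,WRITE,mysql,global_priv,",
    r"20210219 08:44:35,localhost.localdomain,root,localhost,8,11,QUERY,,'SET PASSWORD FOR test1@\'%\' = password(*****)',0",
    r"20210219 08:45:04,localhost.localdomain,root,localhost,8,13,WRITE,mysql,global_priv,",
    r"20210219 08:45:04,localhost.localdomain,root,localhost,8,13,QUERY,,'ALTER USER test1@\'%\' IDENTIFIED BY \'Test@123\'',0",
]

if __name__ == "__main__":
    for hit in find_unmasked(SAMPLE):
        print(*hit, sep=" | ")
```

Run against logs written by an affected version (10.3, 10.4, 10.5 before the fix versions listed above), any hit identifies an account whose password was recorded in clear text.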

