[MDEV-32809] Weak Default Configuration with default blank password Created: 2023-11-15  Updated: 2023-11-17  Resolved: 2023-11-16

Status: Closed
Project: MariaDB Server
Component/s: Authentication and Privilege System
Fix Version/s: N/A

Type: Task Priority: Minor
Reporter: roy chen Assignee: Unassigned
Resolution: Incomplete Votes: 0
Labels: None


Description

Per https://mariadb.com/kb/en/mariadb-secure-installation/, if you've just installed MariaDB and you haven't set the root password, the default password will be blank. It is possible to skip the password setting during "mariadb-secure-installation". In the meantime, the password is still blank.
To improve security, it is suggested to change the default password to "root" instead of a blank password.



Comments
Comment by Daniel Black [ 2023-11-15 ]

The header at the top of the page applies. What exactly do you want to happen? What do you think the state is? Have you verified this?

Comment by Daniel Black [ 2023-11-16 ]

RPM, Deb and Docker Official Images all do not have a blank root password. If you manually installed with a tarball you might depending on the mariadb-install-db options provided.

Comment by roy chen [ 2023-11-16 ]

This is my testing result on my Debian 10 Linux.

Debian10:~$ apt-get install mariadb-server
Debian10:~$ mysql_secure_installation (skip set root password)

You already have a root password set, so you can safely answer 'n'.
 
Change the root password? [Y/n] n
 ... skipping.

Debian10:~$ mysql -u root -e "SELECT Host,User,Password FROM mysql.user;"

+-----------+------+----------+
| Host      | User | Password |
+-----------+------+----------+
| localhost | root |          |
+-----------+------+----------+

You can see that the default root password is blank after querying the database.

Note: the version information.

Debian10:~$ sudo mysqladmin version
mysqladmin  Ver 9.1 Distrib 10.3.34-MariaDB, for debian-linux-gnu on x86_64
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
 
Server version		10.3.34-MariaDB-0+deb10u1
Protocol version	10
Connection		Localhost via UNIX socket
UNIX socket		/var/run/mysqld/mysqld.sock
Uptime:			15 min 4 sec
 
Threads: 6  Questions: 62  Slow queries: 0  Opens: 33  Flush tables: 1  Open tables: 26  Queries per second avg: 0.068

Comment by Daniel Black [ 2023-11-16 ]

MariaDB-10.3 is unmaintained.

https://mariadb.org/about/#maintenance-policy

Also:

root@1ebdebe0d842:/# mysql
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 38
Server version: 10.3.39-MariaDB-0+deb10u1 Debian 10
 
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
 
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
 
MariaDB [(none)]> show create user; 
+-----------------------------------------------------------+
| CREATE USER for root@localhost                            |
+-----------------------------------------------------------+
| CREATE USER `root`@`localhost` IDENTIFIED VIA unix_socket |
+-----------------------------------------------------------+
1 row in set (0.000 sec)
 
root@1ebdebe0d842:/# useradd -m tom 
root@1ebdebe0d842:/# su  tom -c  "mysql -u root -p"
Enter password: 
ERROR 1698 (28000): Access denied for user 'root'@'localhost'
root@1ebdebe0d842:/# su  tom -c  "mysql -u root"
ERROR 1698 (28000): Access denied for user 'root'@'localhost'
root@1ebdebe0d842:/# 

As this isn't accessible with a blank password, there is no blank password.

It is accessible to the unix root user, not because the password is blank, but because it's unix socket authenticated.

Comment by roy chen [ 2023-11-17 ]

Thanks for the response.

One more question: on another of my Linux servers, Debian 11, it is using MariaDB 10.5. Is MariaDB 10.5 also unmaintained?

It should be:
10.5    24 Jun 2020    Jun 2025

Comment by Daniel Black [ 2023-11-17 ]

10.5 is maintained by us until Jun 2025. Most likely Debian will continue to package updates, or failing that, the MariaDB distributed Debian packages are almost identical.

There's a knowledge base article on differences, https://mariadb.com/kb/en/differences-in-mariadb-in-debian-and-ubuntu/.

MariaDB 10.4+ are capable of a unix_plugin + a password (default undefined rather than "empty").

The password fields in mysql.user, particularly in 10.4+, are a pseudo compatibility interface; with multiple plugins there is only auth data per plugin, which is why it is a mysql.global_privs based view.

If in doubt, like above, test the functionality.

You shouldn't need mysql_secure_installation on Debian, and it's got a long list of bugs that need to be fixed.
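The point made in this thread is that a blank Password column in mysql.user does not mean a blank password: the account may be unix_socket authenticated, or carry several plugins whose data lives in mysql.global_priv. The audit below (an added example, not code from the ticket or from MariaDB) walks the Priv JSON of mysql.global_priv and reports, per account, which auth methods actually apply and which accounts accept no credential at all. It assumes the 10.4+ Priv layout with top-level plugin/authentication_string plus an optional auth_or list in which an empty {} entry stands for the top-level method; the sample rows are constructed.

```python
import json

# Plugins that check a stored password hash. For these an empty
# authentication_string means the client needs no credential at all.
PASSWORD_PLUGINS = {"mysql_native_password", "mysql_old_password", "ed25519"}

def auth_methods(priv_json):
    """Expand one mysql.global_priv Priv document into (plugin, auth_string) pairs.
    Assumed 10.4+ shape: 'auth_or' lists alternative methods, and an empty {}
    entry stands for the top-level plugin/authentication_string."""
    priv = json.loads(priv_json)
    top = (priv.get("plugin", "mysql_native_password"),
           priv.get("authentication_string", ""))
    methods = []
    for alt in priv.get("auth_or", [{}]):
        if not alt:
            methods.append(top)
        else:
            methods.append((alt.get("plugin", top[0]),
                            alt.get("authentication_string", "")))
    return methods

def label_method(plugin, auth_string):
    """Describe what one auth method actually requires from the client."""
    if plugin == "unix_socket":
        return "unix_socket"          # OS user must match; no password involved
    if plugin in PASSWORD_PLUGINS:
        if auth_string == "":
            return "no-credential"    # a genuinely blank password
        if auth_string == "invalid":
            return "password-disabled"
        return "password"
    return "plugin:" + plugin         # pam, gssapi, ...: not judged here

def audit(rows):
    """rows: iterable of (User, Host, Priv) as returned by
    SELECT User, Host, Priv FROM mysql.global_priv.
    Returns ({'user@host': [labels]}, sorted accounts accepting no credential)."""
    report = {}
    for user, host, priv_json in rows:
        report[f"{user}@{host}"] = [label_method(p, a) for p, a in auth_methods(priv_json)]
    open_accounts = sorted(k for k, v in report.items() if "no-credential" in v)
    return report, open_accounts

# Constructed sample rows (not real dumps); the 'access' bitmask is omitted.
SAMPLE_ROWS = [
    ("root", "localhost", '{"plugin":"mysql_native_password","authentication_string":"invalid",'
                          '"auth_or":[{},{"plugin":"unix_socket"}]}'),
    ("app", "%", '{"plugin":"mysql_native_password","authentication_string":""}'),
    ("backup", "localhost", '{"plugin":"mysql_native_password",'
                            '"authentication_string":"*0123456789ABCDEF0123456789ABCDEF01234567"}'),
]
```

Run `audit(SAMPLE_ROWS)` and only `app@%` is reported as credential-less, while the Debian-style root entry shows up as password-disabled plus unix_socket, matching Daniel's SHOW CREATE USER output above.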

Generated at Thu Feb 08 10:34:11 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.