Passwords don't seem to matter?

**deskjockey** · Mar 18, 2004 10:07

I tried the Search, but couldn't find an exact answer to my newb question....

I just set up MySQL, and I changed the password for the "root" user by using the following:

mysql>SET PASSWORD FOR root@localhost=PASSWORD("new password");
mysql>SET PASSWORD FOR root@"%"=PASSWORD("new password");
mysql>FLUSH PRIVILEGES;

The above code DID change the password for "root" and I DO get rejected if I try to use other passwords to log in to MySQL. The problem is, I can still log on to MySQL if I do not specify the user as root, and simply hit ENTER at the password prompt. This obviously seems to defeat the purpose of changing passwords for the root user when I can simply circumvent the check system.

Am I missing something here? Do I need to add some parameters to the my.ini file to make this more secure? As I said, I'm a newb to MySQL....it took me several tries just to get it operational (finally!), so it's VERY possible that I'm missing something that s/b quite obvious.

Thanks.
-G

**jeremyf** · Mar 18, 2004 11:28

Two default user entries are made and need to be removed. You can download the manual from http://www.mysql.com/get/Downloads/M....pdf/from/pick
Page 115 and 116 cover this issue.

Jez

**deskjockey** · Mar 18, 2004 11:47

Originally Posted by jeremyf

Two default user entries are made and need to be removed. You can download the manual from http://www.mysql.com/get/Downloads/M....pdf/from/pick
Page 115 and 116 cover this issue.

Jez

Sweet!
Thanks.

User Tag List

Thread: Passwords don't seem to matter?

Thread Tools

Display

Passwords don't seem to matter?

Bookmarks

Bookmarks

Posting Permissions