Disabling MySQL Password Feature

I have MySQL 5.6.31 installed on RHEL 7.2. There is a root user which exists and it has some password associated with it. So basically, I log in to mysql from the command like the following:

mysql -u root -pmypas

Similarly, I have a user defined say for example, jack with password jack. So, could log in like the following:

mysql -u jack -pjack

I am connecting to this user from PHP 5.5 which is installed on the same platform and I had to specify password while making a connection. Is there a way, I can remove password feature from somewhere? Please advise.

If you create another user that doesn’t have a password, does that do what you need?

Hi @droopsnoot,

My Web app has a functionality to create a user. Could you tell me how can I try to log in without any password? I mean how would the below command would look like in that case:

mysql -u jack -pmypass

Actually, when I try to log in using my app where PHP sessions are used, I get the following in my logs (this happens with even the user jack which is already created and has password):

PHP Fatal error: Could Not Connect to the Database : Access denied for user 'apache'@'localhost' (using password: YES) in /var/www/

You shouldn’t have to enter in your password on the same line you do

mysql -u root -p

You should be prompt a Enter Password message after that. You then can use your password. But I don’t think it is supposed to work the way you are doing it. Also, you might want to put a space in between -p and your password if you really wanted to do that. I suggest trying the root account with no password. If it doesn’t work, you might have to reinstall MySQL.

I can log in for root user using the command mysql -u root -pmypas and for regular user like mysql -u jack -pjack. Trying to log in without password for root doesn’t work, like this mysql -u root -p because it prompts for password on next line and I just pressed enter to test login without any password. Someone has setup MySQL root account to accept password. Is it like I need to disable root password requirement in order to have normal users log in without password?

Actually, it worked. a normal user can log in using the following command.

mysql -u jack

But when I ran the following command, select current_user(), I just saw @localhost instead of jack@localhost. Does anyone know why?

Infact, when I do mysql -u abcd, irrespective of whether user abcd exists in a particular table of database or not, I always see @localhost.

It shouldn’t work with -pmypass because the password flag is combined with the password which should throw an error. You also shouldn’t remove or disable your root password as it might be needed if you screw something up. Adding a new user shouldn’t be hard. I don’t recall the command, but I’ll look for t as soon as I get home.

My personal preference is to create a new “super user” which has the same rights as root, and that has to use a password. I then delete root. Each web app I give it’s own database user and for a live site I would lock an app’s database user down to just being able to access its own database and with only the permissions that it needs to function

1 Like

No, that’s the correct way to do it:

https://dev.mysql.com/doc/refman/5.7/en/connecting.html

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.