MariaDB Academy: Authentication from MariaDB 10.4, and Account Locking and Password Expiry

This week sees the release of Authentication from MariaDB 10.4 on the MariaDB Foundation YouTube channel.

The latest in the series of video tutorials, it provides an overview of what’s changed with authentication from MariaDB 10.4, and looks in particular at unix_socket authentication. Although you’ll hopefully no longer need it, in case you have reverted to the old password authentication model, there’s the ubiquitous “how to restore access if you’ve lost your password” tutorial as well.

Continuing the MariaDB 10.4 theme, last week saw the release of Account Locking and Password Expiry by MariaDB Foundation software developer Robert Bindar. …

Authentication in MariaDB 10.4 — Understanding the Changes

MariaDB Server 10.4 came with a whole lot of security-related changes. Some of them are merely optimizations (like MDEV-15649), some improve existing features to be more robust (MDEV-15473, MDEV-7598) or convenient (MDEV-12835, MDEV-16266). Some are MySQL compatibility features, requested by our users (MDEV-7597, MDEV-13095).

But the first thing any MariaDB Server user, whether an experienced veteran or a newbie, does — before even issuing the first SQL statement — is logging in. Authenticating to the database server. …

Who are you? The history of MySQL and MariaDB authentication protocols from 1997 to 2017

MySQL 3.20 to 4.0

In the good old days, when 32MB of RAM justified the name my-huge.cnf, when nobody knew Google and Facebook didn’t even exist, security was… how do I put it… kind of cute. Computer viruses didn’t steal millions and didn’t disrupt elections — they played Yankee Doodle or told you not to play with the PC. People used telnet and ftp, although some security-conscious admins already knew ssh.

Somewhere around this time, give or take a few years, MySQL was born. And it had users, who had to be kept away from seeing others’ data, but allowed to use their own. …