MYSQL 安全设置

登录mysql，查询已安装的插件：show plugins

查询mysql插件目录位置：show variables like "%plugin_dir%";

在MySQL 8.0之前，MySQL使用的是validate_password插件（plugin）检测、验证账号密码强度，保障账号的安全性，而到了MySQL 8.0，引入了服务器组件（Components）这个特性，validate_password插件已用服务器组件重新实现

mysql> SELECT * FROM mysql.component;

ALTER USER 'huizhen'@'%' PASSWORD EXPIRE NEVER;
ALTER USER 'xlpk'@'%' PASSWORD EXPIRE NEVER;
ALTER USER 'root'@'localhost' PASSWORD EXPIRE NEVER;
select user,host,password_expired,password_lifetime,password_last_changed,account_locked from mysql.user;
ALTER USER 'xlpk'@'%' PASSWORD EXPIRE INTERVAL 90 DAY;
ALTER USER 'huizhen'@'%' PASSWORD EXPIRE INTERVAL 90 DAY;
ALTER USER 'root'@'localhost' PASSWORD EXPIRE INTERVAL 90 DAY;
INSTALL PLUGIN validate_password SONAME 'validate_password.so';
UNINSTALL PLUGIN validate_password;
install plugin CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS soname 'connection_control.so';
install plugin CONNECTION_CONTROL soname 'connection_control.so';

show variables like '%connection_control%';
vim /etc/my.cnf
connection-control-failed-connections-threshold=3
connection-control-min-connection-delay=1800000 （30分钟）
UPDATE mysql.user set user = 'cturoot' where user = 'root';

https://www.cnblogs.com/kerrycode/p/13501292.html

https://blog.csdn.net/sumengnan/article/details/114096448