mysql root用户设置密码

下面的文章主要介绍了用户密码的设置方式以及密码的修改方式以及mysql自带的测试库test库安全建议

A root account password can be set several ways. The following discussion demonstrates three methods:

Use the SET PASSWORD statement  #使用set password方式

Use the UPDATE statement  #使用update方式

Use the mysqladmin command-line client program   #使用mysqladmin方式

To assign passwords using SET PASSWORD, connect to the server as root and issue a SET PASSWORD statement for each root account listed in the mysql.user table.

For Windows, do this:(windows设置方式)

shell>mysql -u root

mysql>SET PASSWORD FOR 'root'@'localhost' = PASSWORD('newpwd');

mysql>SET PASSWORD FOR 'root'@'127.0.0.1' = PASSWORD('newpwd');

mysql>SET PASSWORD FOR 'root'@'::1' = PASSWORD('newpwd');

mysql>SET PASSWORD FOR 'root'@'%' = PASSWORD('newpwd');

The last statement is unnecessary if themysql.usertable has norootaccount with a host value of%.

For Unix, do this:

shell>mysql -u root  #使用root帐号登录,登陆后修改相应的密码

mysql>SET PASSWORD FOR 'root'@'localhost' = PASSWORD('newpwd');

mysql>SET PASSWORD FOR 'root'@'127.0.0.1' = PASSWORD('newpwd');

mysql>SET PASSWORD FOR 'root'@'::1' = PASSWORD('newpwd');

mysql>SET PASSWORD FOR 'root'@'host_name' = PASSWORD('newpwd');

You can also use a single statement that assigns a password to all root accounts by using UPDATE to modify the mysql.user table directly. This method works on any platform:


由于mysql的用户是由用户名和授权登录的地址段组成,可以使用下面的命令一次性更新所有的root密码

shell>mysql -u root  

mysql>UPDATE mysql.user SET Password = PASSWORD('newpwd') WHERE User = 'root';

#更新mysql user表中的root的密码

mysql>FLUSH PRIVILEGES;  (注意update方式更新的密码,必须刷新权限,如果不刷新更新的密码不生效)

The FLUSH statement causes the server to reread the grant tables. Without it, the password change remains unnoticed by the server until you restart it.

To assign passwords to the root accounts using mysqladmin, execute the following commands:

#mysqladmin方式更新用户密码(windows和linux都有效)

shell>mysqladmin -u root password "newpwd"

shell>mysqladmin -u root -hhost_name password "newpwd"

Those commands apply both to Windows and to Unix. The double quotation marks around the password are not always necessary, but you should use them if the password contains spaces or other characters that are special to your command interpreter.


 注意 mysqladmin命令不能用于下面两个用户的更新


1)'root'@'127.0.0.1' 

2) 'root'@'::1'



The mysqladmin method of setting the root account passwords does not work for the'root'@'127.0.0.1' or 'root'@'::1'account. Use the SET PASSWORD method shown earlier.

After the root passwords have been set, you must supply the appropriate password whenever you connect as root to the server. For example, to shut down the server with mysqladmin, use this command:

shell>mysqladmin -u root -p shutdown Enter password:(enter root password here)

The mysql commands in the following instructions include a-poption based on the assumption that you have assigned the root account passwords using the preceding instructions and must specify that password when connecting to the server.


匿名用户设置密码方式


Assigning Anonymous Account Passwords

To assign passwords to the anonymous accounts, connect to the server as root, then use either SET PASSWORD or UPDATE.

方式一:

To use SET PASSWORD on Windows, do this:

shell>mysql -u root -p 

Enter password:(enter root password here)

mysql>SET PASSWORD FOR ''@'localhost' = PASSWORD('newpwd');

To use SET PASSWORD on Unix, do this:

shell>mysql -u root -p

Enter password:(enter root password here)

mysql>SET PASSWORD FOR ''@'localhost' = PASSWORD('newpwd');

mysql>SET PASSWORD FOR ''@'host_name' = PASSWORD('newpwd');

方式二:

To set the anonymous-user account passwords with a single UPDATE statement, do this (on any platform):

shell>mysql -u root -p

Enter password:(enter root password here)

mysql>UPDATE mysql.user SET Password = PASSWORD('newpwd')->WHERE User = '';

mysql>FLUSH PRIVILEGES;

The FLUSH statement causes the server to reread the grant tables. Without it, the password change remains unnoticed by the server until you restart it.


Removing Anonymous Accounts

移除匿名帐号的方法

If you prefer to remove any anonymous accounts rather than assigning them passwords, do so as follows on Windows:

shell>mysql -u root -p 

Enter password:(enter root password here)

mysql>DROP USER ''@'localhost';

On Unix, remove the anonymous accounts like this:

shell>mysql -u root -p

Enter password:(enter root password here)

mysql>DROP USER ''@'localhost';

mysql>DROP USER ''@'host_name';


test数据库的安全风险

Securing Test Databases

By default, the mysql.db table contains rows that permit access by any user to the test database and other databases with names that start with test_. (These rows have an empty User column value, which for access-checking purposes matches any user name.) This means that such databases can be used even by accounts that otherwise possess no privileges. If you want to remove any-user access to test databases, do so as follows:

test数据库任何账户都可以访问,这样就存在着风险,用户恶意写入数据使数据库写满

shell>mysql -u root -p

Enter password:(enter root password here)

mysql>DELETE FROM mysql.db WHERE Db LIKE 'test%';

mysql>FLUSH PRIVILEGES;

The FLUSH statement causes the server to reread the grant tables. Without it, the privilege change remains unnoticed by the server until you restart it.

With the preceding change, only users who have global database privileges or privileges granted explicitly for thetestdatabase can use it. However, if you prefer that the database not exist at all, drop it:

mysql>DROP DATABASE test;

最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
  • 序言:七十年代末,一起剥皮案震惊了整个滨河市,随后出现的几起案子,更是在滨河造成了极大的恐慌,老刑警刘岩,带你破解...
    沈念sama阅读 211,423评论 6 491
  • 序言:滨河连续发生了三起死亡事件,死亡现场离奇诡异,居然都是意外死亡,警方通过查阅死者的电脑和手机,发现死者居然都...
    沈念sama阅读 90,147评论 2 385
  • 文/潘晓璐 我一进店门,熙熙楼的掌柜王于贵愁眉苦脸地迎上来,“玉大人,你说我怎么就摊上这事。” “怎么了?”我有些...
    开封第一讲书人阅读 157,019评论 0 348
  • 文/不坏的土叔 我叫张陵,是天一观的道长。 经常有香客问我,道长,这世上最难降的妖魔是什么? 我笑而不...
    开封第一讲书人阅读 56,443评论 1 283
  • 正文 为了忘掉前任,我火速办了婚礼,结果婚礼上,老公的妹妹穿的比我还像新娘。我一直安慰自己,他们只是感情好,可当我...
    茶点故事阅读 65,535评论 6 385
  • 文/花漫 我一把揭开白布。 她就那样静静地躺着,像睡着了一般。 火红的嫁衣衬着肌肤如雪。 梳的纹丝不乱的头发上,一...
    开封第一讲书人阅读 49,798评论 1 290
  • 那天,我揣着相机与录音,去河边找鬼。 笑死,一个胖子当着我的面吹牛,可吹牛的内容都是我干的。 我是一名探鬼主播,决...
    沈念sama阅读 38,941评论 3 407
  • 文/苍兰香墨 我猛地睁开眼,长吁一口气:“原来是场噩梦啊……” “哼!你这毒妇竟也来了?” 一声冷哼从身侧响起,我...
    开封第一讲书人阅读 37,704评论 0 266
  • 序言:老挝万荣一对情侣失踪,失踪者是张志新(化名)和其女友刘颖,没想到半个月后,有当地人在树林里发现了一具尸体,经...
    沈念sama阅读 44,152评论 1 303
  • 正文 独居荒郊野岭守林人离奇死亡,尸身上长有42处带血的脓包…… 初始之章·张勋 以下内容为张勋视角 年9月15日...
    茶点故事阅读 36,494评论 2 327
  • 正文 我和宋清朗相恋三年,在试婚纱的时候发现自己被绿了。 大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
    茶点故事阅读 38,629评论 1 340
  • 序言:一个原本活蹦乱跳的男人离奇死亡,死状恐怖,灵堂内的尸体忽然破棺而出,到底是诈尸还是另有隐情,我是刑警宁泽,带...
    沈念sama阅读 34,295评论 4 329
  • 正文 年R本政府宣布,位于F岛的核电站,受9级特大地震影响,放射性物质发生泄漏。R本人自食恶果不足惜,却给世界环境...
    茶点故事阅读 39,901评论 3 313
  • 文/蒙蒙 一、第九天 我趴在偏房一处隐蔽的房顶上张望。 院中可真热闹,春花似锦、人声如沸。这庄子的主人今日做“春日...
    开封第一讲书人阅读 30,742评论 0 21
  • 文/苍兰香墨 我抬头看了看天上的太阳。三九已至,却和暖如春,着一层夹袄步出监牢的瞬间,已是汗流浃背。 一阵脚步声响...
    开封第一讲书人阅读 31,978评论 1 266
  • 我被黑心中介骗来泰国打工, 没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留,地道东北人。 一个月前我还...
    沈念sama阅读 46,333评论 2 360
  • 正文 我出身青楼,却偏偏与公主长得像,于是被迫代替她去往敌国和亲。 传闻我的和亲对象是个残疾皇子,可洞房花烛夜当晚...
    茶点故事阅读 43,499评论 2 348

推荐阅读更多精彩内容