Thanks for the update, Shawn. I'll check it out right now. On Mon, Sep 24, 2012 at 4:40 PM, Shawn Green <shawn.l.gr...@oracle.com>wrote:
> Hello Arthur, > > > On 9/24/2012 4:25 PM, Arthur Fuller wrote: > >> On this note, one thing that really bugs me about MySQL passwords is the >> inability to use special characters. In the SQL Server world, I let users >> choose their own passwords, but obeying these rules: >> >> It cannot be a dictionary word or sequence of words. >> It must contain at least one numeric digit. >> It must contain a mix of upper and lower case. >> It must contain at least one special character. >> >> That combination makes a password very difficult to crack. I don't know >> why >> MySQL falls so short in this respect. >> >> > MySQL continues to improve in this respect. While it's true that our last > big security change was the enhanced password hash function introduced in > 4.1 we have not been completely insensitive to the needs of our customers. > For example, check out the list of account and security improvements > arriving in MySQL 5.6 > http://dev.mysql.com/doc/**refman/5.6/en/mysql-nutshell.**html<http://dev.mysql.com/doc/refman/5.6/en/mysql-nutshell.html> > > In particular, the password complexity threshold can be configured using > the new Password Validation plugin: > http://dev.mysql.com/doc/**refman/5.6/en/validate-**password-plugin.html<http://dev.mysql.com/doc/refman/5.6/en/validate-password-plugin.html> > > Yours, > -- > Shawn Green >