mysql设置密码复杂度策略，登录失败次数限制

在配置文件中加入如下配置，重启mysql服务

[mysqld]
#密码复杂度插件
plugin-load-add=validate_password.so
validate-password=FORCE_PLUS_PERMANENT
validate_password_policy=2 # 0简单 1普通 2困难
validate_password_length=9 # 密码长度限制
#登录失败次数、时间限制插件
plugin-load-add					= connection_control.so
connection-control                             	= FORCE
connection-control-failed-login-attempts       	= FORCE
connection_control_min_connection_delay		= 10000 # 超过失败次数后的最小等待时间 毫秒
connection_control_max_connection_delay		= 20000
connection_control_failed_connections_threshold	= 5 # 5次后限制登录

测试密码复杂度

创建用户

CREATE USER 'username'@'localhost' IDENTIFIED BY 'password'
> 1819 - Your password does not satisfy the current policy requirements
> 时间: 0.095s

查看插件位置show variables like 'plugin_dir';

查看密码验证变量：
show variables like ‘validate_password%’;

验证登录失败次数限制

先登录失败几次

bash-4.2# mysql -uroot -p111
mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
bash-4.2# mysql -uroot -p111
mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)

达到限制后会进行等待，还可查看登录失败信息：

select * from information_schema.connection_control_failed_login_attempts;