1.设置密码复杂度校验功能
SELECT * from mysql.`plugin`;
INSTALL PLUGIN validate_password SONAME "validate_password.so";
show variables like "validate%";
set global validate_password_policy = 1;
set global validate_password_length = 8;
2.配置密码有效期策略
SET GLOBAL default_password_lifetime = 90;
3.配置登录失败处理功能
install plugin CONNECTION_CONTROL soname 'connection_control.so';
install plugin CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS soname 'connection_control.so';
show variables like 'connection_control%';
//单个用户密码登录失败的上限次数
set global connection_control_failed_connections_threshold=5;
//达到失败上限后等待30秒再次尝试登录
set global connection_control_min_connection_delay=90000;
//卸载插件
UNINSTALL PLUGIN CONNECTION_CONTROL;
UNINSTALL PLUGIN CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS;
4.配置连接超时功能
配置my.cnf
interactive_timeout=900
5.实现管理用户权限分离
operator(操作员ÿ