mysqlpasswords

Your password does not satisfy the current policy requirements


I want to create a new user in MySQL with the syntax:

create user 'demo'@'localhost' identified by 'password';

But it returns an error:

Your password does not satisfy the current policy requirements.

I have tried many passwords but they don't work. How can I fix this?


Solution

  • Because of your password. You can see password validate configuration metrics using the following query in MySQL client:

    SHOW VARIABLES LIKE 'validate_password%';
    

    The output should be something like that :

    +--------------------------------------+-------+
    | Variable_name                        | Value |
    +--------------------------------------+-------+
    | validate_password.check_user_name    | ON    |
    | validate_password.dictionary_file    |       |
    | validate_password.length             | 6     |
    | validate_password.mixed_case_count   | 1     |
    | validate_password.number_count       | 1     |
    | validate_password.policy             | LOW   |
    | validate_password.special_char_count | 1     |
    +--------------------------------------+-------+
    

    Now that the rules for a valid password are clear, you could chose a valid password.

    To check the strength of the password you chose, use the VALIDATE_PASSWORD_STRENGTH() function, for example:

    SELECT VALIDATE_PASSWORD_STRENGTH('weak');
    +------------------------------------+
    | VALIDATE_PASSWORD_STRENGTH('weak') |
    +------------------------------------+
    |                                 25 |
    +------------------------------------+
    SELECT VALIDATE_PASSWORD_STRENGTH('lessweak$_@123');
    +----------------------------------------------+
    | VALIDATE_PASSWORD_STRENGTH('lessweak$_@123') |
    +----------------------------------------------+
    |                                           50 |
    +----------------------------------------------+
    SELECT VALIDATE_PASSWORD_STRENGTH('N0Tweak$_@123!');
    +----------------------------------------------+
    | VALIDATE_PASSWORD_STRENGTH('N0Tweak$_@123!') |
    +----------------------------------------------+
    |                                          100 |
    +----------------------------------------------+
    

    Alternatively, you can lower the password policy level or change the validation rules, for example:

    SET GLOBAL validate_password.length = 6;
    SET GLOBAL validate_password.number_count = 0;
    

    Check the MySQL Documentation.