Are you a
Securich is a tool designed to help MySQL DBA in administering user privileges. It is totally modular and new stored procedures are easily added.
You can find it HERE and report any bugs HERE
Darren – I Installed Securich 2.5 a couple of months ago and have a couple of questions. How do you enforce usage of Securich, aside from password aging,
it seems users can ignore the fact that it is installed?
If I set a strong password using Securich, what is to prevent a user from using the
MySQL set password command to set it to something totally unsecure?
Good question Colin, there is a procedure called password_check which when called with update mysql.user to securich password and log the change in aud_password table so you know who is trying to change his password using mysql set password rather than securich version. With 0.2.5 there was a bug with securich set password which was fixed in 0.3 so you might want to consider the upgrade too.
If you set an event in mysql 5.1 to call the password_check stored proc every day it should be pretty annoying for the users to have to change it daily and if you see a recursive offender you can follow it up with policies etc
let me know if this doesn’t answer your question.
don’t hesitate to email me at info \a\t securich \d\o\t com if you have any issues, comments, suggestions or feature requests
Mail (will not be published) (required)