Comments on: securich http://mysqlpreacher.com/wordpress Because Sharing is Caring Thu, 12 Apr 2012 12:35:55 -0700 hourly 1 http://wordpress.org/?v=3.1.4 By: Darren Cassar http://mysqlpreacher.com/wordpress/securich/comment-page-1/#comment-904 Darren Cassar Tue, 05 Oct 2010 19:16:20 +0000 http://mysqlpreacher.com/wordpress/?page_id=173#comment-904 Good question Colin, there is a procedure called password_check which when called with update mysql.user to securich password and log the change in aud_password table so you know who is trying to change his password using mysql set password rather than securich version. With 0.2.5 there was a bug with securich set password which was fixed in 0.3 so you might want to consider the upgrade too. If you set an event in mysql 5.1 to call the password_check stored proc every day it should be pretty annoying for the users to have to change it daily and if you see a recursive offender you can follow it up with policies etc let me know if this doesn't answer your question. don't hesitate to email me at info \a\t securich \d\o\t com if you have any issues, comments, suggestions or feature requests Good question Colin, there is a procedure called password_check which when called with update mysql.user to securich password and log the change in aud_password table so you know who is trying to change his password using mysql set password rather than securich version. With 0.2.5 there was a bug with securich set password which was fixed in 0.3 so you might want to consider the upgrade too.

If you set an event in mysql 5.1 to call the password_check stored proc every day it should be pretty annoying for the users to have to change it daily and if you see a recursive offender you can follow it up with policies etc

let me know if this doesn’t answer your question.
don’t hesitate to email me at info \a\t securich \d\o\t com if you have any issues, comments, suggestions or feature requests

]]> By: ColinF http://mysqlpreacher.com/wordpress/securich/comment-page-1/#comment-903 ColinF Tue, 05 Oct 2010 18:50:57 +0000 http://mysqlpreacher.com/wordpress/?page_id=173#comment-903 Darren - I Installed Securich 2.5 a couple of months ago and have a couple of questions. How do you enforce usage of Securich, aside from password aging, it seems users can ignore the fact that it is installed? If I set a strong password using Securich, what is to prevent a user from using the MySQL set password command to set it to something totally unsecure? Darren – I Installed Securich 2.5 a couple of months ago and have a couple of questions. How do you enforce usage of Securich, aside from password aging,
it seems users can ignore the fact that it is installed?

If I set a strong password using Securich, what is to prevent a user from using the
MySQL set password command to set it to something totally unsecure?

]]>