How Do I Configure a Password Expiration Policy for GaussDB(for MySQL) Instances?
In GaussDB(for MySQL) 8.0, you can configure the global variable default_password_lifetime to control the default validity period of a user password.
The value of default_password_lifetime indicates how many days until a password expires. The default value is 0, indicating that the created user password will never expire.
Changing the Global Automatic Password Expiration Policy
- Change the value of the default_password_lifetime parameter on the GaussDB(for MySQL) console.
For details, see Modifying a Parameter Template.
- Run the following command to change the value of default_password_lifetime:
mysql> set global default_password_lifetime=0;
Checking the Password Expiration Date of All Users
Run the following command:
mysql> select user,host,password_expired,password_last_changed,password_lifetime from user;
Checking the Password Expiration Policy of a Specified User
Run the following command:
mysql> show create user jeffrey@'localhost';
EXPIRE DEFAULT indicates that the password follows the global expiration policy.
Configuring the Password Expiration Policy for a Specified User
- Configuring the password expiration policy during user creation
create user 'script'@'localhost' identified by '*********' password expire interval 90 day;
- Configuring the password expiration policy after user creation
ALTER USER 'script'@'localhost' PASSWORD EXPIRE INTERVAL 90 DAY;
- Setting the password to be permanently valid
mysql> CREATE USER 'mike'@'%' PASSWORD EXPIRE NEVER;
mysql> ALTER USER 'mike'@'%' PASSWORD EXPIRE NEVER;
- Setting the password to follow the global expiration policy
mysql> CREATE USER 'mike'@'%' PASSWORD EXPIRE DEFAULT;
mysql> ALTER USER 'mike'@'%' PASSWORD EXPIRE DEFAULT;
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.