tencent cloud

TDSQL-C for MySQL

Release Notes and Announcements
Release Notes
Product Announcements
Beginner's Guide
Product Introduction
Overview
Strengths
Use Cases
Architecture
Product Specifications
Instance Types
Product Feature List
Database Versions
Regions and AZs
Common Concepts
Use Limits
Suggestions on Usage Specifications
Kernel Features
Kernel Overview
Kernel Version Release Notes
Optimized Kernel Version
Functionality Features
Performance Features
Security Features
Stability Feature
Analysis Engine Features
Inspection and Repair of Kernel Issues
Purchase Guide
Billing Overview
Product Pricing
Creating Cluster
Specification Adjustment Description
Renewal
Payment Overdue
Refund
Change from Pay-as-You-Go to Yearly/Monthly Subscription
Change from Pay-as-You-Go to Serverless Billing
Value-Added Services Billing Overview
Viewing Billing Statements
Getting Started
Database Audit
Overview
Viewing Audit Instance List
Enabling Audit Service
Viewing Audit Logs
Log Shipping
Post-Event Alarm Configuration
Modifying Audit Rule
Modifying Audit Service
Disabling Audit Service
Audit Rule Template
Viewing Audit Task
Authorizing Sub-User to Use Database Audit
Serverless Service
Serverless Introduction
Creating and Managing a Serverless Cluster
Elastic Scaling Management Tool
Serverless Resource Pack
Multi-AZ Deployment
Configuration Change
FAQs
Serverless Cost Estimator
Operation Guide
Operation Overview
Switching Cluster Page View in Console
Database Connection
Instance Management
Configuration Adjustment
Instance Mode Management
Cluster Management
Scaling Instance
Database Proxy
Account Management
Database Management
Database Management Tool
Parameter Configuration
Multi-AZ Deployment
GD
Backup and Restoration
Operation Log
Data Migration
Parallel Query
Columnar Storage Index (CSI)
Analysis Engine
Database Security and Encryption
Monitoring and Alarms
Basic SQL Operations
Connecting to TDSQL-C for MySQL Through SCF
Tag
Practical Tutorial
Classified Protection Practice for Database Audit of TDSQL-C for MySQL
Upgrading Database Version from MySQL 5.7 to 8.0 Through DTS
Usage Instructions for TDSQL-C MySQL
New Version of Console
Implementing Multiple RO Groups with Multiple Database Proxy Connection Addresses
Strengths of Database Proxy
Selecting Billing Mode for Storage Space
Creating Remote Disaster Recovery by DTS
Creating VPC for Cluster
Data Rollback
Solution to High CPU Utilization
How to Authorize Sub-Users to View Monitoring Data
White Paper
Security White Paper
Performance White Paper
Troubleshooting
Connection Issues
Performance Issues
API Documentation
History
Introduction
API Category
Making API Requests
Instance APIs
Multi-Availability Zone APIs
Other APIs
Audit APIs
Database Proxy APIs
Backup and Recovery APIs
Parameter Management APIs
Billing APIs
serverless APIs
Resource Package APIs
Account APIs
Performance Analysis APIs
Data Types
Error Codes
FAQs
Basic Concepts
Purchase and Billing
Compatibility and Format
Connection and Network
Features
Console Operations
Database and Table
Performance and Log
Database Audit
Between TDSQL-C for MySQL and TencentDB for MySQL
Service Agreement
Service Level Agreement
Terms of Service
TDSQL-C Policy
Privacy Policy
Data Privacy and Security Agreement
General References
Standards and Certifications
Glossary
Contact Us
DocumentationTDSQL-C for MySQLOperation GuideAccount ManagementDatabase AccountConfiguring Custom Password StrengthOverview

Overview

PDF
Focus Mode
Font Size
Last updated: 2022-11-14 16:38:12
This document describes the custom password strength feature of TDSQL-C for MySQL.

Feature overview

Passwords are the most important means for protecting database security. As more data security regulations are introduced, there are higher requirements for the database password strength. TDSQL-C for MySQL supports the custom password strength feature to protect your database security and meet your needs for compliance with applicable regulations.
You can configure this feature in the console to enable password strength for all password-related operations. This helps protect your passwords from leakage or other risks. The feature offers the following configuration items:
Parameter
Description
Min Number of Uppercase and Lowercase Pair
Default value: 1. Value range: 1–50.
Min Number of Digits
Default value: 1. Value range: 1–50.
Min Number of Symbols
Default value: 1. Value range: 1–50.
Min Password Length
Default value: 8. Value range: 8–256.
Non-Compliant Dictionary
If the password strength level is STRONG, this parameter is configurable. Each non-compliant word can contain 4–100 letters.
Password Strength Level
You can select MEDIUM or STRONG as the strength level.
MEDIUM: The feature under this setting will check the length, digits, letters, and symbols.
STRONG: The feature under this setting will check the length, digits, letters, symbols, and non-compliant word dictionary.
Modify Parameters
You can modify the feature parameters to flexibly adjust the password strength settings.
Parameter Sync
Parameter sync and batch disablement features are provided, so you can batch apply the configuration in multiple clusters at a time.
After the custom password strength feature is enabled, you must meet the defined password strength requirements when setting passwords during operations such as account creation, password resetting, and account cloning.
When you connect to the database and use the command line to perform operations, if the custom password strength feature is enabled, all statements involving password setting will be restricted, such as CREATE USER, ALTER USER, and SET PASSWORD. When you use such statements to set or change an account password, the password must meet the defined password strength requirements.

Prerequisites

You have created a TDSQL-C for MySQL cluster.

Version limits

The custom password strength feature is supported by the following versions:
MySQL 5.7 on kernel minor version 2.0.21 or later and 2.1.7 or later.
MySQL 8.0 on kernel minor version 3.1.7.
You can use this feature only after upgrading the kernel to the above versions. For detailed directions, see Upgrading Kernel Minor Version.

Mutually exclusive tasks

A password strength customization task cannot be executed while a cluster is running another task, such as isolation, rollback, creation, minor version upgrade, or parameter modification. The two tasks are mutually exclusive and will be performed sequentially.

Relevant operations

You can grant a sub-account the permission to use the custom password strength feature as instructed in Granting Sub-User Feature Permissions.
You can enable/disable this feature as instructed in Enabling/Disabling Custom Password Strength Feature.
After the custom password strength feature is enabled, you can modify the custom password strength and specific parameters as well as configure parameter sync as instructed in Modifying Parameters and Configuring Parameter Sync.
Previous Topic: Creating AccountNext Topic: Granting Sub-User Feature Permissions

Help and Support

Was this page helpful?

Help us improve! Rate your documentation experience in 5 mins.

Feedback