MySQL 5.6 Reference Manual Including MySQL NDB Cluster 7.3-7.4 Reference Guide
MySQL includes two plugins that implement native authentication;
that is, authentication based on the password hashing methods in
use from before the introduction of pluggable authentication.
This section describes mysql_native_password
,
which implements authentication against the
mysql.user
system table using the native
password hashing method. For information about
mysql_old_password
, which implements
authentication using the older (pre-4.1) native password hashing
method, see
Section 6.4.1.2, “Old Native Pluggable Authentication”. For
information about these password hashing methods, see
Section 6.1.2.4, “Password Hashing in MySQL”.
The following table shows the plugin names on the server and client sides.
Table 6.8 Plugin and Library Names for Native Password Authentication
Plugin or File | Plugin or File Name |
---|---|
Server-side plugin | mysql_native_password |
Client-side plugin | mysql_native_password |
Library file | None (plugins are built in) |
The following sections provide installation and usage information specific to native pluggable authentication:
For general information about pluggable authentication in MySQL, see Section 6.2.11, “Pluggable Authentication”.
The mysql_native_password
plugin exists in
server and client forms:
The server-side plugin is built into the server, need not be loaded explicitly, and cannot be disabled by unloading it.
The client-side plugin is built into the
libmysqlclient
client library and is
available to any program linked against
libmysqlclient
.
MySQL client programs use
mysql_native_password
by default. The
--default-auth
option can be
used as a hint about which client-side plugin the program can
expect to use:
shell> mysql --default-auth=mysql_native_password ...
If an account row specifies no plugin name, the server
authenticates the account using either the
mysql_native_password
or
mysql_old_password
plugin, depending on
whether the password hash value in the
Password
column used native hashing or the
older pre-4.1 hashing method. Clients must match the password
in the Password
column of the account row.