what is the default Password Policy in mysql 5.0 ?
Best Answer
if by default password policy you mean "are there a minimum set of rules that need to be met in order to have a valid password with a default installation of MySQL", then the short answer is that there is no default password policy.
a default install of MySQL can be done with no password for a root user at all. Some distros (e.g. debian installing mysql via apt) insist on a root password, but no complexity rules are enforced.
there are 3rd party plugins to create policies (e.g. securich), but nothing that would enforce specific complexity or aging rules within the base system
Don't use replicate-do-db and replicate-ignore-db, because those options are dangerous.
look at this article.
Just use --replicate-wild-ignore-table=mysql.% option.
I would reccomend you to set --replicate-wild-ignore-table=mysql.user - this skip only password and global grants replication, while table and column level grants are still replicated.
You can also use SET SQL_LOG_BIN=0 to disable logging statements for current session, eg. when you create new user or change a password.
Looks like the password is set on the 'root'@'localhost' user entry, but not on the 'root'@'%' entry; password-free authentication would be allowed based on that.
For security purposes, reconsider allowing root access from anywhere. If you do need it, then just get rid of the localhost specifications:
drop user 'root'@'localhost';
drop user 'root'@'127.0.0.1';
drop user 'root'@'::1';
And set the password for the 'root'@'%' user:
set password for 'root'@'%' = password('passwordhere');
Best Answer
if by default password policy you mean "are there a minimum set of rules that need to be met in order to have a valid password with a default installation of MySQL", then the short answer is that there is no default password policy.
a default install of MySQL can be done with no password for a root user at all. Some distros (e.g. debian installing mysql via apt) insist on a root password, but no complexity rules are enforced.
there are 3rd party plugins to create policies (e.g. securich), but nothing that would enforce specific complexity or aging rules within the base system