Last week I had the opportunity to speak at the MySQL and Heatwave Summit in San Francisco.
I discussed the impact of the new MySQL 8.0 default caching_sha2_password authentication, replacing the mysql_native_password authentication that was the default for approximately 20 of the 30 years that MySQL has existed.
The new authentication plugin implements multiple strategies to improve on the insecure previous approach including using SHA256, multiple iterations and password salts.
As with any presentation, while you may have solid knowledge on any given topic, it was great for the audience to share .
Thanks Fred for informing me of print_identified_with_as_hex variable
. I was unaware of this flag to address the SHOW CREATE USER issue I presented in my slides.
I also did not cover in my presentation the impact of TLS versions being deprecated and removed in MySQL 8.0.x versions. Thanks Mark for reminding me. For more information read the documentation on encrypted-connection-protocols-ciphers
.
SQL > show global variables like 'print%';
+------------------------------+-------+
| Variable_name | Value |
+------------------------------+-------+
| print_identified_with_as_hex | OFF |
+------------------------------+-------+
You can find a copy of my slides on my presentations page.
