Home MySQL Fix – MySQL ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

Fix – MySQL ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

By sk
Published: Last Updated on 291.3K views

As you might have noticed, you will be prompted to enable VALIDATE PASSWORD component while setting up password for MySQL root user. If enabled, the Validate Password component will automatically check the strength of the given password and enforce the users to set only the passwords that are secure enough. If you provide a weak password, you will encounter with an error like this - ERROR 1819 (HY000): Your password does not satisfy the current policy requirements.

Technically speaking, it is not actually an error. This is a built-in security mechanism that forces the users to provide only the strong passwords based on the current password policy requirements.

Let me show you an example. I log in to MySQL server as root user using command:

$ mysql -u root -p

Create a database user with a weak password:

mysql> create user 'ostechnix'@'localhost' identified by 'mypassword';

And I encounter with the following error:

ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

See? The Validate Password component doesn't allow me to create a user with a weak password (i.e. mypassword in this case).

You will keep getting this error until the password meets the requirements of the current password policy or you disable the Validate Password component. We will see how to do it in the following section.

Fix - MySQL ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

There are three levels of password validation policy enforced when Validate Password plugin is enabled:

  • LOW Length >= 8 characters.
  • MEDIUM Length >= 8, numeric, mixed case, and special characters.
  • STRONG Length >= 8, numeric, mixed case, special characters and dictionary file.

Based on these policy levels, you need to set an appropriate password. For example, if the password validation policy is set to Medium, you must set a password that has at least 8 characters including a number, lowercase, uppercase and special characters.

First we need to  find the current password policy level. To do so, run the following command to show Password Validation Plugin system variables:

mysql> SHOW VARIABLES LIKE 'validate_password%';

Sample output:

+--------------------------------------+--------+
| Variable_name                        | Value  |
+--------------------------------------+--------+
| validate_password.check_user_name    | ON     |
| validate_password.dictionary_file    |        |
| validate_password.length             | 8      |
| validate_password.mixed_case_count   | 1      |
| validate_password.number_count       | 1      |
| validate_password.policy             | MEDIUM |
| validate_password.special_char_count | 1      |
+--------------------------------------+--------+
7 rows in set (0.09 sec)
Show password validation policy in mysql
Show password validation policy in mysql

As you can see, the currently enforced password level is Medium. So our password should be 8  characters long with a number, mixed case and special characters.

I am going to set this password - Password123#@! using command:

mysql> create user 'ostechnix'@'localhost' identified by 'Password123#@!';
Query OK, 0 rows affected (0.36 sec)
Create a database user in mysql
Create a database user in mysql

See? It works now! So, in order to fix the "ERROR 1819 (HY000)..." error, you need to enter a password as per the current password validation policy.

Change password validation policy in MySQL

You can also solve the "ERROR 1819 (HY000)..." by setting up a lower level password policy.

To do so, run the following command from the mysql prompt:

mysql> SET GLOBAL validate_password.policy = 0;

Or,

mysql> SET GLOBAL validate_password.policy=LOW;

Then check if the password validation policy has been changed to low:

mysql> SHOW VARIABLES LIKE 'validate_password%';

Sample output:

+--------------------------------------+-------+
| Variable_name                        | Value |
+--------------------------------------+-------+
| validate_password.check_user_name    | ON    |
| validate_password.dictionary_file    |       |
| validate_password.length             | 8     |
| validate_password.mixed_case_count   | 1     |
| validate_password.number_count       | 1     |
| validate_password.policy             | LOW   |
| validate_password.special_char_count | 1     |
+--------------------------------------+-------+
7 rows in set (0.00 sec)

Now you can create a user with a weak password like below:

mysql> create user 'senthil'@'localhost' identified by 'password';
Change password validation policy in mysql
Change password validation policy in mysql

To revert back to MEDIUM level policy, simply run this command from mysql prompt:

mysql> SET GLOBAL validate_password.policy=MEDIUM;

If the password policy doesn't change, exit from the mysql prompt and restart mysql service from your Terminal window:

$ sudo systemctl restart mysql

Now it should work.

Heads Up: One of our reader has pointed out that there is typo in the following command:

mysql> SET GLOBAL validate_password.policy=LOW;

It should be:

mysql> SET GLOBAL validate_password_policy=LOW;

Note the underscore in the above command. Since I have deleted the setup, I have no way of verifying this command. But I assume the command has been changed in the newer versions of MySQL.

Disable password validation policy

If you like to create users with weak password, simply disable the Validate Password component altogether and re-enable it back after creating the users.

Log in to the MySQL server:

$ mysql -u root -p

To temporarily disable Validate Password component, run the following command from MySQL prompt:

mysql> UNINSTALL COMPONENT "file://component_validate_password";

Create the users with any password of your choice:

mysql> create user 'kumar'@'localhost' identified by '123456';

Finally, enable Validate Password component:

mysql> INSTALL COMPONENT "file://component_validate_password";
Disable password validation policy temporarily in mysql
Disable password validation policy temporarily in mysql

I personally don't recommend changing the policy to lower level or disabling password policy. Be it a database user or normal user, always use a strong password with more than 8 characters including a number, mixed case, and spacial characters.

Conclusion

In this guide, we learned about one of the common MySQL error - ERROR 1819 (HY000): Your password does not satisfy the current policy requirements and how to fix it in Linux. We also learned how to disable password policy to allow weak passwords in some cases. Personally I recommend you to use a strong password.

You May Also Like

6 comments

Uzzal January 14, 2021 - 6:09 am

Very Helpful blog, There is a small Typo please Correct it.

mysql> SET GLOBAL validate_password.policy=LOW; –> Typo not . it would be _
mysql> SET GLOBAL validate_password_policy=LOW;

Make sure SQL_LOG_BIN=0 if this database has any slave server that’s also affected.
MYSQL> SET SQL_LOG_BIN=0;
mysql> select @@SQL_LOG_BIN;

Reply
Patrick January 25, 2021 - 1:03 am

I was going to post that too UZZAL.
mysql> SET GLOBAL validate_password.policy=LOW;

should be…
mysql> SET GLOBAL validate_password_policy=LOW;

After this change worked for me. Thanks great article!

Reply
Alex February 26, 2021 - 11:16 pm

Gracias !!!

Reply
Tariq January 22, 2022 - 7:54 pm

thank you

Reply
ayoub February 25, 2022 - 3:41 am

thank you very helpfull i only managed to change it when i disabled the policy the reactivate it

Reply
Hassam May 18, 2023 - 1:39 pm

Its worked. I set priority to 0 “LOW” and all done. I’m on local server so, LOW is good for me.

Reply

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. By using this site, we will assume that you're OK with it. Accept Read More