https://quicktasks.ismael.casimpan.com/tags/ignored-password/Recent content in ignored-password on IT QuicktasksHugo -- gohugo.ioCopyright © 2018–2022, Ismael Casimpan Jr.; All Rights ReservedWed, 29 Apr 2020 23:11:25 +0800https://quicktasks.ismael.casimpan.com/post/mariadb-root-ignoring-password/Wed, 29 Apr 2020 23:11:25 +0800https://quicktasks.ismael.casimpan.com/post/mariadb-root-ignoring-password/ Observed this in Mariadb 10.x versions. Despite being able to change password, it is still ignoring the password. Non-root user not affected. Explanation per https://mariadb.com/kb/en/authentication-from-mariadb-104/ Using unix_socket means that if you are the system root user, you can login as root@locahost without a password. This technique was pioneered by Otto Kekäläinen in Debian MariaDB packages and has been successfully used in Debian since as early as MariaDB 10.0. It is based on a simple fact that asking the system root for a password adds no extra security — root has full access to all the data files and all process memory anyway.