MYSQL-TOOLS

Comparison of graphical tools for MySQL

Home Blog MySQL FAQ on restoring a forgotten root password in MySQL

FAQ on restoring a forgotten root password in MySQL

Print PDF
User Rating: / 3
PoorBest 

mysql password resetHow to recover a lost administrator password?

This article describes what to do if you forget the administrator password or have misplaced the very root-user. The article is intended primarily for beginners, so a description of all the actions described in great detail, but the material may not be without interest and for more experienced users.

Passwords are stored in the database encrypted so you can not recover a forgotten root password, but you can install a new one. To do this:

  1. Restart the server in --skip-grant-tables
  2. Set a new administrator password
  3. Restart the server in normal mode

Now more about each item. In the skip-grant-tables is disabled check access rights and privileges, in other words, you can connect with blank username / password and you will have with all possible privileges.

Note. Please note that other users who are connected to the commands you run FLUSH PRIVILEGES; or restart the server as usual, will also have administrative privileges.

MySQL Server stores information about the privileges of the grant table database performance mysql. When the server starts, the contents of the grant tables into memory and used in further work a copy of which is in memory. Command FLUSH PRIVILEGES; updates information about the privileges that are loaded into memory. Thus, this command cancels the skip-grant-table and includes checking access rights and privileges.

Note. Please note that if you directly edit the contents of the grant tables database mysql, using the commands INSERT, UPDATE, DELETE, then the changes did not immediately take effect, as the information about user privileges, loaded into memory, will remain unchanged. If you use the recommended type of team GRANT or SET PASSWORD, the changes will take effect immediately.

Note. Please note that changing the user rights do not apply to already established connections of users. If you want to take away someone's rights, then after, make sure that it is not connected to the server (using SHOW FULL PROCESSLIST), but when plugged in, then kill it flow (the operator of KILL). To start the server mode, skip-grant-tables easiest way to temporarily add a line skip-grant-tables in my.ini (for the Linux operating system file called my.cnf) in the section [mysqld]

[mysqld]
skip-grant-tables
other parameters

Then restart the server.


Next action will depend on the client you are using:

1. If your client does not break the connection after each command, such as native client mysql, we first run the command FLUSH PRIVILEGES;, which loads into memory a table of grants. Then use the command GRANT or SET PASSWORD appoint an administrator password: SET PASSWORD for root@localhost = password('mypassword'); This course of action is preferred.

2. If your client closes the connection after each command, for example, Query Browser, then after a FLUSH PRIVILEGES; it will require a password, which we have not yet been assigned. Assign first password with the GRANT command, or SET PASSWORD does not work, as in the mode of skip-grant-tables can not be used. (We have already indicated that the FLUSH PRIVILEGES; cancel this mode, so in the previous paragraph these commands work.) Remains the only possible way is to directly modify data in the table mysql.user

UPDATE mysql.user SET PASSWORD=PASSWORD('mypassword') WHERE user='root' AND host='localhost';

How to restore the root-user?

If the root-user (a user with all possible prrivilegiyami usually has the name of the root) has been inadvertently deleted, the sequence of steps similar to the previous section, except that instead of assigning a password, you must be a root-user. Ie mode skip-grant-tables, depending on the client you are acting one of the following ways:

1. FLUSH PRIVILEGES;

Then add the root-user with the GRANT command

GRANT ALL TO *.* ON `root`@`localhost` IDENTIFIED BY 'mypassword' WITH GRANT OPTION;

2. Create a root-user by direct addition of table entries mysql.user.

Note that the table structure mysql.user in different versions varies. Before adding it to learn the commands SHOW CREATE TABLE or DESCRIBE.

For example, for version 5.1.21-beta-community to add root-user is using the following command:

INSERT INTO mysql.user
 (Host,User,Password,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,
 Reload_priv,Shutdown_priv,Process_priv,File_priv,Grant_priv,References_priv,Index_priv,
 Alter_priv,Show_db_priv,Super_priv,Create_tmp_table_priv,Lock_tables_priv,Execute_priv,
 Repl_slave_priv,Repl_client_priv,Create_view_priv,Show_view_priv,Create_routine_priv,
 Alter_routine_priv,Create_user_priv,Event_priv,Trigger_priv,ssl_type,ssl_cipher,x509_issuer,
 x509_subject,max_questions,max_updates,max_connections,max_user_connections)
 VALUES('localhost','root',password('mypassword'),'Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y',
 'Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);

Common cases:

Error (1045 Access denied for user 'root' @ 'localhost' (USING password: No)) indicates that the connection is made with a blank password.

Error (1045 Access denied for user 'root' @ 'localhost' (USING password: Yes)) points to an invalid password.

Both these errors can occur due to lack of access rights to perform the requested operation, ie user name root, but the law had not Rutaceae. In practice, this situation is unlikely.

Remote access for root-user.

In MySQL, the user is characterized by two parameters: the name and host from which it can handle, ie user @ x and user @ y - it's different users. For convenience in MySQL using quantifiers, such as% on-site host refers to any vehicle other than a local one.

If you access as root from a remote machine you get an error (1045 Acces denied for user 'root'@'%'), this may be due to the fact that the default settings, a remote root-user was not "root access", r . e. does not have full privileges. To test the need (under the proper "root access") to compare the output of the commands:

SHOW GRANTS for root@localhost;
SHOW GRANTS for root@'%';

And if you want to add the missing privileges to the user with the command GRANT. If you need to have administrator privileges to connect to a remote machine, it is recommended that for security purposes, to call a user a different name (not root).

References:

The official documentation describes a way to restore the original administrator password. For details, see http://dev.mysql.com/doc/refman/5.0/en/resetting-permissions.html

 

Add comment


Security code
Refresh