This article shows you how to set, change, and recover secure passwords for your MySQL root account, so you'll never be at a loss.

Security researchers have released details about a vulnerability in the MySQL server that could allow potential attackers to access MySQL databases without inputting proper authentication credentials.

But in the affected versions of MariaDB and MySQL, as MontyProgram's Sergei Golubchik wrote in a list posting on June 9, the database can be fooled into accepting a password even if it doesn't match.

If MySQL was built on such a system, the code that compares the cryptographic hash of a user-inputted password to the hash stored in the database for a particular account will sometimes allow ...

"When a user connects to MariaDB/MySQL, a token (SHA over a password and a random scramble string) is calculated and compared with the expected value," said Golubchik. "Because of incorrect ...

Security experts have identified some 879,046 servers vulnerable to a brute force flaw that undermines password controls in MySQL and MariaDB systems.