MySQL validate_password plugin and Virtualmin.

I enabled the MySQL "validate_password" plugin on a fresh install. I also enabled hashed passwords, as opposed to clear text. However, when I try to make new servers, it constantly returns that it can't, because the automatically generated passwords don't meet the validate_password plugin's requirements.

I like the security the plugin offers. How do I make Virtualmin meet its requirements?

Status: 
Active

Comments

That depends ... what specific password requirement is it rejecting? Length, special characters, or something else?

It doesn't say. The error I'm getting is this:

MySQL database failed! : SQL insert into user (host, user, ssl_type, ssl_cipher, x509_issuer, x509_subject, plugin, authentication_string) values ('localhost', 'myserver.com', '', '', '', '', 'mysql_native_password', password('qfW5xnBxkZVWhQ5M')) failed : Your password does not satisfy the current policy requirements at /usr/share/webmin/web-lib-funcs.pl line 1427.

My secure_password requirements are as follows: length (8 minimum), numeric, lowercase/uppercase, special characters (required), and not a dictionary word.

Right now, there's no way to configure the random password generator to meet those requirements - all you can set is the length and the character set.

Is there a way to hack Virtualmin that won't get overwritten on the next update? :) Or a way to contribute a patch?

It's enough to put this

validate_password_policy=LOW

under mysqld section in mysql.conf (wherever it is...)