In summary, use CREATE to create a user, and use GRANT to add privileges: CREATE USER IDENTIFIED BY 'password' This GRANT capability will be removed in a future MySQL release. Instead, establish or change authentication characteristics using CREATE USER or ALTER USER. Use of GRANT to define account authentication characteristics is deprecated as of MySQL 5.7.6. If NO_AUTO_CREATE_USER is enabled, GRANT fails and does not create the account, unless you specify a nonempty password using IDENTIFIED BY or name an authentication plugin using IDENTIFIED WITH.This is very insecure unless you specify a nonempty password using IDENTIFIED BY. If NO_AUTO_CREATE_USER is not enabled, GRANT creates the account.If an account named in a GRANT statement does not exist, the action taken depends on the NO_AUTO_CREATE_USER SQL mode: Without IDENTIFIED, the account password remains unchanged.Īs of MySQL 5.7.2, if the account already exists, IDENTIFIED WITH is prohibited because it is intended only for use when creating new accounts.Īlso, GRANT may create the user if it does not exist: When IDENTIFIED is present and you have the global grant privilege (GRANT OPTION), any password specified becomes the new password for the account, even if the account exists and already has a password. If you use GRANT with IDENTIFIED you can change the user's password: This functionality is deprecated and should not be used. Confusingly, it also has the ability to create users and change their passwords. GRANT is meant for adding privileges to users.
0 Comments
Leave a Reply. |