No root password set for the MySQL/MariaDB server #210
Title: No root password set for MySQL/MariaDB detected

TL;DR: We have detected that there is no root password set for MySQL/MariaDB on [DEVICES]. Not having a root password set makes it easy for anyone with access to the service to copy all information from the database. It is recommended that you change the password as soon as possible.

FAQ: By default, MySQL and MariaDB are set up with no root password. A root account is likened to a super user; anyone with access to a root account can and may do whatever they wish with a database. This includes copying data they should not be privy to and may potentially use maliciously later on. Without a root password, anyone with access to your service can execute root commands without consequence. We highly recommend you set a root password as soon as possible. To set a root password for your MySQL instance, stop the MySQL instance, then use the mysqladmin command at the shell prompt like so:

Please do not use PASSWORD as your root password; replace it with a more secure password. We recommend you change this password often as a precaution. To do so, use the following command:

Make sure to restart the service when you execute the commands. Also, a top tip: if you are using mysqladmin as per above, make sure to add a space before the command to avoid it being stored in your shell's history.
@Menmarin That's good. The only thing I'd add to the FAQ section is something about how the root password should never be used for applications. Instead, an application-specific account that is locked down to the particular database should be used.
@fshmcallister are you taking over this one?
Sure, what needs to be done?
See my comment above.
TL;DR: We have detected that you may have set a root password for MySQL/MariaDB. Not having a root password set makes it easy for anyone with access to the server (or the network where the server is hosted) to copy all customer data from the database. It is recommended that you set a password as soon as possible.

FAQ: By default, MySQL/MariaDB is set up with no root password. A root account is likened to a super user; anyone with access to a root account can and may do whatever they wish with a database. This includes copying customer/internal data they should not have access to. We highly recommend you set a root password as soon as possible. However, for applications, it is important to have separate, application-specific credentials with locked-down permissions to the given database to reduce the blast radius in case the credentials get leaked.

**Pro tip**: If you are using `mysqladmin` and pass on the password from the command line, make sure to add a space before the command to avoid it being stored in your shell's history.

Code Block: To update the root password, use the following command. Please note that on Ubuntu, you may need to use `sudo` to run the command below.
@fshmcallister subtitle?
We detected that there is no root password set for MySQL/MariaDB on {devices}. Not having a root password set makes it easy for anyone with access to the service to copy all information from the database. It is recommended that you change the password as soon as possible. There are multiple ways to do this, including using mysqladmin as follows: `mysqladmin -u root password NEWPASSWORD`.

Tip: If you are using mysqladmin as per above, make sure to add a space before the command to avoid it being stored in your shell's history.
part of #198
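
A way to confirm the condition this notification reports, and to re-check after a password is set: an added example, not part of the thread or the project's code, run over constructed `mysql.user` rows. It assumes MySQL 5.7+ or MariaDB 10.4+ column names and treats socket-authenticated accounts (`auth_socket`, `unix_socket`) as not passwordless; the function and sample account names are hypothetical.

```python
# Added example: flag mysql.user rows that allow login with an empty password.
# Assumption: MySQL 5.7+ / MariaDB 10.4+, where the credential hash is stored
# in the authentication_string column.

# Query whose `mysql --batch` output (tab-separated, header row first) is parsed.
QUERY = "SELECT User, Host, plugin, authentication_string FROM mysql.user"

# These plugins authenticate by OS socket peer credentials, so an empty
# authentication_string is normal for them (MySQL: auth_socket,
# MariaDB: unix_socket) and must not be reported as "no password".
SOCKET_PLUGINS = {"auth_socket", "unix_socket"}


def passwordless_accounts(tsv):
    """Return 'user'@'host' strings for accounts with no stored credential."""
    lines = [ln for ln in tsv.splitlines() if ln.strip()]
    if not lines:
        return []
    header = [h.strip().lower() for h in lines[0].split("\t")]
    findings = []
    for ln in lines[1:]:
        row = dict(zip(header, ln.split("\t")))
        if row.get("plugin", "") in SOCKET_PLUGINS:
            continue
        # Batch mode prints SQL NULL as the literal string NULL.
        if row.get("authentication_string", "") in ("", "NULL"):
            findings.append("'%s'@'%s'" % (row["user"], row["host"]))
    return findings


# Constructed sample output; the hash is a placeholder, not a real value.
SAMPLE = "\n".join([
    "User\tHost\tplugin\tauthentication_string",
    "root\tlocalhost\tauth_socket\t",             # socket auth: not flagged
    "root\t%\tmysql_native_password\t",           # remote root, no password
    "\tlocalhost\tmysql_native_password\t",       # anonymous user, no password
    "shop_app\tlocalhost\tmysql_native_password\t*CONSTRUCTED_HASH",
])

if __name__ == "__main__":
    for account in passwordless_accounts(SAMPLE):
        print("no password:", account)
```

An empty result after remediation means every password-based account, including any application-specific one, has a credential set.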