Tag - security

Brute-Force MySQL Password From a Hash

Brute Force MySQL password

In most cases, MySQL password instructions provide information on changing MySQL user passwords on the production system (e.g., reset root password without restart). It is even recommended to change passwords regularly for security reasons. But still, sometimes DBA duties on legacy systems offer surprises and you need to recover the original password for some […]

Read more

MySQL Escaping on the Client-Side With Go

MySQL Escaping With Go

Day-to-day database operation requires, from an administrator, deep knowledge of db internals and security issues, in particular things like SQL injections. In order to prevent such kind of an attack, we have included go-sql-driver into our code for secure placeholder escaping.
Unfortunately, not all cases are secured by the driver.
In case we are using the […]

Read more

PostgreSQL Security Missteps and Tips

postgresql security tips

Security, when done right, not only protects your data but improves performance, system stability, and enhances the development life-cycle. Because PostgreSQL security can easily become an all-encompassing activity, we’ll deal with the most common mechanisms.
Three files control security in the postgres data cluster but for our purposes, we’ll deal only with postgresql.conf and pg_hba.conf, […]

Read more

Improving MySQL Password Security with Validation Plugin

MySQL Password Security Plugin

In systems nowadays, improving security is a must! One of the weakest links in the security system is the user password from where an attacker can enter. In order to improve password strength and security, MySQL provides a plugin called “Validation plugin” which can be configured to enforce a set of rules for passwords.
 
Installation
The […]

Read more

Using Vault to Store the Master Key for Data at Rest Encryption on Percona Server for MongoDB

Percona Server MongoDB Encryption

Since the release of Percona Server MongoDB 3.6.13 (PSMDB), you have been able to use Vault to store the encryption keys for data at rest encryption. Here’s how to set it up.
First, you need to have a Vault server up and running. My colleague, Jericho, has an article on setting up Vault for Percona […]

Read more