MySQL: usage of short password

MySQL using short report password

Problem

We located a short report password in MySQL's configuration file.

report-password=<pass>

1. It is better to use a long password
2. It should be verified that there are no hardcoded passwords, or that you're generating a configuration dynamically in production with solutions such as confd.

Fix

Remove the hardcoded password and employ a password policy.

See

• MySQL password options