Skip to content

MySQL 8.0 insecure initialization

MySQL 8.0 insecure initialization refers to the process of setting up a MySQL 8.0 database (specifically the Windows x64 ZIP Archive version) without installing it as a system service. This method relies on the --initialize-insecure flag, which creates the data directory and sets the root user password to empty, allowing immediate access for configuration or development purposes.^[600-developer__database__mysql__mysql8-portable.md]

Initialization Command

To perform an insecure initialization, the mysqld executable is run with specific arguments pointing to the configuration file.^[600-developer__database__mysql__mysql8-portable.md] The command typically used is:

mysqld --defaults-file=d:/my.ini --initialize-insecure --console

Using the --initialize-insecure flag ensures that the default root user is created with a blank password.^[600-developer__database__mysql__mysql8-portable.md]

Post-Initialization Configuration

Once the database is initialized, it can be started using a batch script (e.g., run.bat) that executes mysqld with the --console parameter.^[600-developer__database__mysql__mysql8-portable.md] Because the initialization was insecure, the root user can log in immediately via the command line without a password:

mysql -uroot -p

The system will prompt for a password; in this context, it is blank, so pressing Enter grants access.^[600-developer__database__mysql__mysql8-portable.md]

Root User Configuration

Upon first access, it is common practice to modify the root user to allow connections from any host (%) and set a password using the legacy mysql_native_password plugin for compatibility.^[600-developer__database__mysql__mysql8-portable.md] The following SQL commands demonstrate this workflow:

  1. Switch to the mysql database: 
    use mysql;
  2. Check current users: 
    SELECT User, Host FROM mysql.user;
  3. Update the root user's host: 
    update mysql.user set host='%' where User='root' and Host='localhost';
  4. Flush privileges: 
    FLUSH PRIVILEGES;
  5. Alter the user to set a password (e.g., 'root') and authentication plugin: sql ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY 'root';^[600-developer__database__mysql__mysql8-portable.md]
  • [[Database initialization]]
  • [[MySQL configuration]]
  • [[Authentication plugins]]

Sources

^[600-developer__database__mysql__mysql8-portable.md]