ERROR 1698 (28000): Access denied for user 'root'@'localhost'

Question

I'm setting up a new server and keep running into this problem.

When I try to log into the MySQL database with the root user, I get the error:

ERROR 1698 (28000): Access denied for user 'root'@'localhost'

It doesn't matter if I connect through the terminal (SSH), through phpMyAdmin or a MySQL client, e.g., Navicat. They all fail.

I looked in the mysql.user table and get the following:

+------------------+-------------------+
| user             | host              |
+------------------+-------------------+
| root             | %                 |
| root             | 127.0.0.1         |
| amavisd          | localhost         |
| debian-sys-maint | localhost         |
| iredadmin        | localhost         |
| iredapd          | localhost         |
| mysql.sys        | localhost         |
| phpmyadmin       | localhost         |
| root             | localhost         |
| roundcube        | localhost         |
| vmail            | localhost         |
| vmailadmin       | localhost         |
| amavisd          | test4.folkmann.it |
| iredadmin        | test4.folkmann.it |
| iredapd          | test4.folkmann.it |
| roundcube        | test4.folkmann.it |
| vmail            | test4.folkmann.it |
| vmailadmin       | test4.folkmann.it |
+------------------+-------------------+

As you can see, user root should have access.

The Server is quite simple, as I have tried to troubleshoot this for a while now.

It's running Ubuntu 16.04.1 LTS (Xenial Xerus) with Apache, MySQL and PHP, so that it can host websites, and iRedMail 0.9.5-1, so that it can host mail.

Log into the MySQL database works fine before I installed iRedMail. I also tried just installing iRedMail, but then root also doesn't work.

How can I fix my MySQL login problem or how can I install iRedMail over an existing MySQL install? And yes, I tried the Installation Tips and I can't find those variables in the configuration files.

I followed this link and the first option worked for me: https://askubuntu.com/questions/763336/cannot-enter-phpmyadmin-as-root-mysql-5-7 — Mikael Arhelger, Nov 28 '17 at 16:39
On 2022-03-02, this was *the* number one search engine hit for "`MySQL client ERROR 1698 28000 Access denied for user`". — Peter Mortensen, Mar 02 '22 at 15:11

score 1653 · Accepted Answer · edited Mar 02 '22 at 15:40

1653

On some systems, like Ubuntu, MySQL is using the Unix auth_socket plugin by default.

Basically it means that: db_users using it, will be "authenticated" by the system user credentials. You can see if your root user is set up like this by doing the following:

sudo mysql -u root # I had to use "sudo" since it was a new installation

mysql> USE mysql;
mysql> SELECT User, Host, plugin FROM mysql.user;

+------------------+-----------------------+
| User             | plugin                |
+------------------+-----------------------+
| root             | auth_socket           |
| mysql.sys        | mysql_native_password |
| debian-sys-maint | mysql_native_password |
+------------------+-----------------------+

As you can see in the query, the root user is using the auth_socket plugin.

There are two ways to solve this:

You can set the root user to use the mysql_native_password plugin
You can create a new db_user with you system_user (recommended)

Option 1:

sudo mysql -u root # I had to use "sudo" since it was a new installation

mysql> USE mysql;
mysql> UPDATE user SET plugin='mysql_native_password' WHERE User='root';
mysql> FLUSH PRIVILEGES;
mysql> exit;

sudo service mysql restart

Option 2: (replace YOUR_SYSTEM_USER with the username you have)

sudo mysql -u root # I had to use "sudo" since it was a new installation

mysql> USE mysql;
mysql> CREATE USER 'YOUR_SYSTEM_USER'@'localhost' IDENTIFIED BY 'YOUR_PASSWD';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'YOUR_SYSTEM_USER'@'localhost';
mysql> UPDATE user SET plugin='auth_socket' WHERE User='YOUR_SYSTEM_USER';
mysql> FLUSH PRIVILEGES;
mysql> exit;

sudo service mysql restart

Remember that if you use option #2 you'll have to connect to MySQL as your system username (mysql -u YOUR_SYSTEM_USER).

Note: On some systems (e.g., Debian 9 (Stretch)) the 'auth_socket' plugin is called 'unix_socket', so the corresponding SQL command should be: UPDATE user SET plugin='unix_socket' WHERE User='YOUR_SYSTEM_USER';

From andy's comment it seems that MySQL 8.x.x updated/replaced the auth_socket for caching_sha2_password. I don't have a system setup with MySQL 8.x.x to test this. However, the steps above should help you to understand the issue. Here's the reply:

One change as of MySQL 8.0.4 is that the new default authentication plugin is 'caching_sha2_password'. The new 'YOUR_SYSTEM_USER' will have this authentication plugin and you can log in from the Bash shell now with "mysql -u YOUR_SYSTEM_USER -p" and provide the password for this user on the prompt. There isn’t any need for the "UPDATE user SET plugin" step.

For the 8.0.4 default authentication plugin update, see MySQL 8.0.4: New Default Authentication Plugin: caching_sha2_password.

edited Mar 02 '22 at 15:40

Peter Mortensen

30,738
21
105
131

answered Mar 12 '17 at 01:17

zetacu

17,062
2
19
26

9

Option 1 worked for me. But then I also needed to run `sudo gedit /etc/phpmyadmin/config.inc.php`. Then I did a search for `AllowNoPassword` and uncommented both lines that contained it. Then I was able to login as root with no password. – Joe Sep 27 '17 at 15:46
1

This percona blog post helped me a bit. https://www.percona.com/blog/2016/03/16/change-user-password-in-mysql-5-7-with-plugin-auth_socket/ Sounds like this happens if you try to skip setting a password for root, which then causes the 'auth_plugin' to use the unix auth_socket, which apparently just compares users. – Josh Brown Dec 19 '17 at 02:42
11

Option 2 works. I think its always best practice to create a new user and use leaving root to be there! – PasinduJay Feb 13 '18 at 06:02
6

the `IDENTIFIED BY ''` bit should probably be `IDENTIFIED BY 'YOUR_PASSWD'` – YakovL Mar 06 '18 at 09:56
And that's why I prefer using PostgreSQL – problemofficer - n.f. Monica Apr 23 '18 at 02:35
6

Finally, an answer that *actually works* !! There's a zillion answers out there saying do `mysqld_safe --skip-grant-tables` etc, and it's not been working. – Stewart May 12 '18 at 10:20
It worked. However, beware that changing the plugin as per Option #1 may end up in being forced to reset the root password with 'mysqld_safe --skip-grant-tables'. Then it works. – Jorj May 20 '18 at 19:27
6

Ok, how to do this, if `sudo mysql -u root -p` doesn't let me in? – Hrvoje T May 28 '18 at 12:45
@HrvojeT can you describe a bit more the error. most of the times that could be a typo, or that for some reason the root user doesn't exist try this `sudo /etc/init.d/mysql stop` then `sudo mysqld --skip-grant-tables &` in the mysql console type `use mysql;` and finally `select user,host from user where user='root' \G you might find out that for some reason the root user doesn't even exist. – zetacu May 29 '18 at 23:52
@zetacu I mean how can I enter in mysql with root user if the error is `access denied` like in OP. Obviously, the solution is to create a database from start. – Hrvoje T May 30 '18 at 05:23
@Hrvoje have you tried simply `sudo mysql -u root` - since auth is not password but as the user you are accessing mysql as (i.e. root) – Claire Furney Jul 11 '18 at 21:43
1

plugin value was initially `unix_socket` for me and otherwise all worked great - thank you – Claire Furney Jul 11 '18 at 21:45
@zetacu Thanks. This was the cause. We fixed it in Ubuntu. Just FYI, we tried in CentOS - it did not have this issue. So I guess this was done at Ubuntu end - to use linux root interface instead of mysql standalone authentication. – Rahul Sep 13 '18 at 15:02
Thanks @zetacu. How can I avoid `sudo` from `sudo mysql -u root -p` ? – abu abu Sep 15 '18 at 02:25
1

@abu abu Hi Abu. You can avoid sudo by logging into the root user before executing the command. Initially when you login you can login as 'root' or a user that has root privileges. Else, before sudo, we can use 'sudo su', su meaning superuser before the line. Without root we cant execute admin level commands. – Rahul Sep 18 '18 at 06:32
1

Thanks for this very helpful and detailed solution. One change as of MySQL 8.0.4 is that the new default authentication plugin is 'caching_sha2_password'. The new 'YOUR_SYSTEM_USER' will have this auth plugin and you can login from the bash shell now with "mysql -u YOUR_SYSTEM_USER -p" and provide the password for this user on the prompt. No need for the "UPDATE user SET plugin" step. For the 8.0.4 default auth plugin update see, https://mysqlserverteam.com/mysql-8-0-4-new-default-authentication-plugin-caching_sha2_password/ – Andy Oct 11 '18 at 22:58
The first option worked for me. Thanks! Although, if I am not wrong after performing the second option, the first option has to be done on the YOUR_SYSTEM_USER i.e., change the plugin of newly made user to mysql_native_password. OR The plugin can be set as 'mysql_native_password' while performing the second option in this line `mysql> UPDATE user SET plugin='mysql_native_password' WHERE User='YOUR_SYSTEM_USER'; ` What do you think? – Gaurav Sachdeva Feb 07 '19 at 21:53
the second option is meant to use the "new" (not new anymore) `auth_socket` (or any other name on each system) plugin you can for sure mix it and instead of using the `auth_socket` you can change it to use the `mysql_native_password `, if you do that then you'll have to use the mysql password that can be different from the system password. – zetacu Feb 28 '19 at 19:33
1

If using MariaDB, use the steps here instead -> https://stackoverflow.com/a/57532576/69739 – Virat Kadaru Oct 10 '19 at 19:41
You can do user and plugin in one line: CREATE USER 'YOUR_SYSTEM_USER'@'localhost' IDENTIFIED WITH auth_socket; – malhal Jan 03 '20 at 15:37
When `UPDATE user`, I met `ERROR 1348 (HY000): Column 'plugin' is not updatable`. – Hanson May 03 '20 at 12:22
Yes, use `sudo mysql -uroot` after install mariadb 10.5.9 in fedora-34 workstation from fedora repositories. – christianbueno.1 May 14 '21 at 05:20
The link is (effectively) broken: *"Page Not Found. We're sorry, but the requested post could not be found."* – Peter Mortensen Sep 21 '21 at 14:08
Worked for MariaDB, version 10.3 on Ubuntu 20.04 as well. – J. Gwinner Oct 16 '21 at 00:03
For my local dev environment, a simple password-less root account is all I need, so switching the authentication plugin to `mysql_native_password` fixed the issue for me. Thanks! – AgmLauncher Mar 01 '22 at 06:20

score 350 · Answer 2 · edited Mar 02 '22 at 15:55

350

A new version of MySQL does it this way

In the new MySQL client, if the password is left empty while installing then, it is based on the auth_socket plugin.

The correct way is to log in to MySQL with the sudo privilege.

sudo mysql -u root -p

And then updating the password using:

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'new-password';

Once this is done, stop and start the MySQL server.

sudo service mysql stop
sudo service mysql start

For complete details, you can refer to this link.

edited Mar 02 '22 at 15:55

Peter Mortensen

30,738
21
105
131

answered Sep 14 '18 at 16:17

Nandesh

4,437
2
20
26

1

That worked for my dev server as a quick fix (Ubuntu 18.04 server), however, I do recommend looking into the above-accepted answer, and furthermore, refrain from installing PHPMyAdmin on a production server altogether. – Aaron Murray Oct 05 '19 at 22:19
3

"-p" is not necessary when using "sudo" – Aliaksandr Adzinets Nov 30 '19 at 23:14
3

wow, this worked for me, mysql Ver 8.0.25-0ubuntu0.20.04.1, #nitipSendal – Firman Hidayat Jun 22 '21 at 16:00
@AaronMurray I'm not currently doing it but I'm curious, why is PHPMyAdmin not suitable for production and what would you use as a GUI instead? Or are you saying production servers should have no GUIs? – Hashim Aziz Mar 23 '22 at 23:34
@HashimAziz It is not that PHPMyAdmin is not suitable for production, I am suggesting merely (in my opinion), database server access should be a service that is hidden from public access. Of course it depends on use case, but by default I keep my public exposure to any infrastructure at a minimum. Meaning say your web server accessible public on port 80/443, but the PHP app itself would access an internal (private network) database, not exposed to the public. Doesn't prevent attacks but is a single step towards better security. ** Use cases may differ and require public facing IP's ** – Aaron Murray Jul 17 '22 at 14:45
I get `ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'BY 'root'' at line 1` – Black Oct 26 '22 at 09:20
For newer MySQL versions use this syntax instead: `ALTER USER 'root'@'localhost' IDENTIFIED BY 'new_password';` – Behemoth Jan 18 '23 at 14:29

score 30 · Answer 3 · answered Jan 10 '20 at 18:31

30

No need of sudo

The database is initialised with 2 all-privilege accounts: the first one is "root" which is inaccessible and the second one with your user name (check with command whoami).

To enable access to root account, you need to login with your user name

mysql -u $(whoami)

and manually change password for root

use mysql;
set password for 'root'@'localhost' = password('YOUR_ROOT_PASSWORD_HERE');
flush privileges;
quit

Login as 'root'

mysql -u root -p

answered Jan 10 '20 at 18:31

Raoul HATTERER

522
5
5

1

when i use `mysql -u $(whoami)` , also it gives `ERROR 1045 (28000): Access denied for user 'kaw'@'localhost' (using password: NO)` – Kaumadie Kariyawasam Apr 20 '21 at 04:30
set password for 'root'@'localhost' = password('YOUR_ROOT_PASSWORD_HERE'); This saved my day – Muhammed Shihabudeen Labba A Oct 11 '21 at 05:30
1

This looks promising, but I don't think this works at all (like [Kaumadie Kariyawasam mentioned](https://stackoverflow.com/questions/39281594/error-1698-28000-access-denied-for-user-rootlocalhost#comment118733540_59687197)). What system, incl. version of the operating system, MySQL, etc. was this tried on? What state was the system in, e.g. wrt. to permissions, users, groups, etc.? – Peter Mortensen Mar 02 '22 at 16:40
I definitely needed `sudo`. I had to open mysql like this `sudo mysql` first then I executed your commands and the password is changed now – Black Oct 26 '22 at 09:24

score 14 · Answer 4 · edited Sep 21 '21 at 14:11

I was having this issue on an Debian 8 (Jessie) VM that I was interacting with through PuTTY on my Windows 10 desktop.

I tried the various suggestions on here, but nothing quite worked and I am running MariaDB on the Debian host. In the end I found that I couldn't start the database server in safe mode, but I didn't need to and the following commands actually worked for me, i.e., allowing a newly created MySQL user to log into the MySQL/MariaDB server:

sudo service mysql restart
sudo mysql # Logs in automatically into MariaDB
use mysql;
update user set plugin='' where user='your_user_name';
flush privileges;
exit;
sudo service mysql restart # Restarts the MySQL service

If the above doesn't quite work for you, follow the steps outlined in zetacu's post, and then follow my steps.

Now you should be able to use a remote terminal client and securely log into MySQL using the command:

mysql -u your_user_name -p

*Type in the password when prompted

That simple. Well, only first command does not allowed to execute the second, so I'll adjust it editing - please see if I'm right... — kokbira, Dec 12 '18 at 16:55
`update user set plugin='' where user='your_user_name';` Did worked for me — Muhammad Adnan, Sep 28 '21 at 21:37

score 12 · Answer 5 · edited Mar 02 '22 at 15:57

12

Step 1. sudo mysql -u root -p

Step 2. USE mysql;

Step 3. ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'admin';

Here 'admin' is your new password, but you can change it.

Step 4. exit

You are done.

edited Mar 02 '22 at 15:57

Peter Mortensen

30,738
21
105
131

answered Dec 01 '18 at 11:04

Y. Joy Ch. Singha

3,056
24
26

score 9 · Answer 6 · edited Mar 02 '22 at 16:56

After hours of struggling without any solution here, this worked for me. I found a YouTube video where it says the password column is now called authentication_string.

So I was able to change my password as follows:

First get into the MySQL client from the terminal:

sudo mysql

Then inside mysql, type whatever after mysql>:

mysql> use mysql
mysql> update user set authentication_string=PASSWORD("mypass") where user='root';
mysql> flush privileges;
mysql> quit;

At this point you are out of the MySQL client, back to your normal terminal place. You need to restart the MySQL client for this to take effect. For that type, the following:

sudo service mysql restart

Refer to this video link for a better understanding.

score 8 · Answer 7 · edited Sep 21 '21 at 14:01

8

I would suggest to remove the MySQL connection -

This is for MySQL version 5.5. If your version is different, please change the first line accordingly.

sudo apt-get purge mysql-server mysql-client mysql-common mysql-server-core-5.5 mysql-client-core-5.5
sudo rm -rf /etc/mysql /var/lib/mysql
sudo apt-get autoremove
sudo apt-get autoclean

And install again, but this time set a root password yourself. This will save a lot of effort.

sudo apt-get update
sudo apt-get install mysql-server

edited Sep 21 '21 at 14:01

Peter Mortensen

30,738
21
105
131

answered Mar 10 '17 at 12:25

Eminem347

387
4
11

@ingernet maybe thats because of some other issues which you neglected while installing again – Eminem347 Aug 04 '17 at 20:21
@PJBrunet maybe cause your version of Mysql is different – Eminem347 Sep 22 '17 at 07:01
Fair enough, but an all-purpose solution is best. – PJ Brunet Sep 22 '17 at 07:22
What do you mean by *"remove the MySQL connection"*? Remove the installation and remove configuration files? – Peter Mortensen Mar 02 '22 at 15:14

score 7 · Answer 8 · edited Mar 02 '22 at 17:06

7

There is a good and regularly updated guide on how to set a new password for the latest MySQL:

How To Install MySQL on Ubuntu 20.04

It would be best to read the whole topic from the above page, but in short, this maybe could help.

Run the security script:

sudo mysql_secure_installation

Detailed information for mysql_secure_installation

After that, you can change the password by following the next steps:

sudo mysql

mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH caching_sha2_password BY 'password';

Detailed information for changing the root user password

If you have a problem, maybe you will need to reinstall MySQL.

edited Mar 02 '22 at 17:06

Peter Mortensen

30,738
21
105
131

answered Jul 23 '20 at 13:01

Stevan Tosic

6,561
10
55
110

1

I type sudo mysql_secure_installation , it asked me enter new password for mysql( ubuntu 20.0 server version) – Kuhan Oct 07 '20 at 10:17
this work for me , thanks . on ubuntu 20.04 – tree em Jul 15 '21 at 12:52

score 6 · Answer 9 · edited Apr 08 '22 at 13:29

I also faced the same issue for the first time.

Now it is fixed:

First, you copy the /etc/mysql/mysql.conf.d/mysqld.cnf file and paste in to /etc/mysql/my.cnf.

You can do it by the command:

sudo cp /etc/mysql/mysql.conf.d/mysqld.cnf /etc/mysql/my.cnf

Now let's reset the password:

Use the following commands in your terminal:

sudo service mysql stop
sudo service mysql start
sudo mysql -u root

Now you are inside the MySQL console.

Then let's write some queries to reset our root password:

USE mysql
update mysql.user set authentication_string=password('newpass') where user='root' and Host ='localhost';
update user set plugin="mysql_native_password";
flush privileges;
quit

Now we can clean /etc/mysql/my.cng.

Open the above file in your editor and remove the whole lines inside the file.

After that let's restart MySQL:

sudo mysql service restart

Now let's use MySQL with the newly created password:

sudo mysql -u root -p

Finally enter your newly created password.

Worked Well ! but your answer needs to be updated !! /etc/mysql/my.cnf and not /etc/mysql/my.cng and for service restart its sudo service mysql restart — essayoub, Dec 01 '19 at 22:51

score 6 · Answer 10 · edited Sep 21 '21 at 15:51

I found my solution after hours of research here.

Stop MySQL

sudo service mysql stop

Make MySQL service directory.

sudo mkdir /var/run/mysqld

Give MySQL user permission to write to the service directory.

sudo chown mysql: /var/run/mysqld

Start MySQL manually, without permission checks or networking.

sudo mysqld_safe --skip-grant-tables --skip-networking &

Log in without a password.

mysql -uroot mysql

Update password

UPDATE mysql.user SET authentication_string=PASSWORD('YOURNEWPASSWORD'), plugin='mysql_native_password' WHERE User='root' AND Host='%';
EXIT;

Turn off MySQL.

sudo mysqladmin -S /var/run/mysqld/mysqld.sock shutdown

Start the MySQL service normally.

sudo service mysql start

score 6 · Answer 11 · edited Mar 02 '22 at 17:08

For the first

sudo mysql -u root -p

SHOW VARIABLES LIKE 'validate_password%';

we will see something like this:

+--------------------------------------+--------+
| Variable_name                        | Value  |
+--------------------------------------+--------+
| validate_password.check_user_name    | ON     |
| validate_password.dictionary_file    |        |
| validate_password.length             | 8      |
| validate_password.mixed_case_count   | 1      |
| validate_password.number_count       | 1      |
| validate_password.policy             | MEDIUM |
| validate_password.special_char_count | 1      |
+--------------------------------------+--------+

We need to change these rows:

validate_password.length

validate_password.number_count

validate_password.policy

validate_password.special_char_count

SET GLOBAL validate_password.policy=LOW;
SET GLOBAL validate_password.length=4;
SET GLOBAL validate_password.number_count=0;
SET GLOBAL validate_password.special_char_count=0;

SHOW VARIABLES LIKE 'validate_password%';

We will see:

+--------------------------------------+-------+
| Variable_name                        | Value |
+--------------------------------------+-------+
| validate_password.check_user_name    | ON    |
| validate_password.dictionary_file    |       |
| validate_password.length             | 4     |
| validate_password.mixed_case_count   | 1     |
| validate_password.number_count       | 0     |
| validate_password.policy             | LOW   |
| validate_password.special_char_count | 0     |
+--------------------------------------+-------+

Now exit from the MySQL client:

exit;
sudo mysql -u root -p

And now you can write your password, four or more only letters.

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'new-password';

exit;

sudo mysql -u root -p

Your new password is in the database for user 'root';

score 5 · Answer 12 · edited Mar 02 '22 at 16:37

In my case,

mysql -u root -p

Enter password:
ERROR 1698 (28000): Access denied for user 'root'@'localhost'

I am sure my password was correct. Otherwise, the error code would be ERROR 1045 (28000): Access denied for user

So I relogin using sudo,

sudo mysql -u root -p

This time it worked for me. See the documentation.

And then change the root password,

mysql> alter user 'root'@'%' identified with mysql_native_password by 'me123';
Query OK, 0 rows affected (0.14 sec)

mysql>

Then restart the server using sudo /etc/init.d/mysql restart.

score 4 · Answer 13 · edited Sep 21 '21 at 14:51

4

This worked for me:

mysql --user=root mysql
CREATE USER 'some_user'@'%' IDENTIFIED BY 'some_pass';
GRANT ALL PRIVILEGES ON *.* TO 'some_user'@'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;

edited Sep 21 '21 at 14:51

Peter Mortensen

30,738
21
105
131

answered Dec 30 '18 at 21:19

Dorad

3,413
2
44
71

Even with the link, an explanation would be in order. E.g., what is the idea/gist, e.g. for the first line? Why didn't the previous answers work? What version of MySQL was used? On what system? In what context? From [the Help Center](https://stackoverflow.com/help/promotion): *"...always explain why the solution you're presenting is appropriate and how it works"*. Please respond by [editing (changing) your answer](https://stackoverflow.com/posts/53981513/edit), not here in comments (***without*** "Edit:", "Update:", or similar - the answer should appear as if it was written today). – Peter Mortensen Mar 02 '22 at 16:02
You are right @PeterMortensen. I don't know why I posted it at first place. It seems pretty the same as zetacu second option. Please let me know that you read my comment and then I'll just delete my answer. – Dorad Mar 02 '22 at 18:11

score 4 · Answer 14 · edited Mar 02 '22 at 17:30

This works for me with MySQL version 8.0.26 and Ubuntu 20.04 (Focal Fossa).

sudo mysql -u root

mysql> USE mysql;
mysql> SELECT User, Host, plugin FROM mysql.user;

+------------------+-----------+-----------------------+
| User             | Host      | plugin                |
+------------------+-----------+-----------------------+
| debian-sys-maint | localhost | caching_sha2_password |
| mysql.infoschema | localhost | caching_sha2_password |
| mysql.session    | localhost | caching_sha2_password |
| mysql.sys        | localhost | caching_sha2_password |
| root             | localhost | auth_socket           |
+------------------+-----------+-----------------------+

mysql> UPDATE user SET

plugin='caching_sha2_password' WHERE User='root';

mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH caching_sha2_password BY 'you_mysql_password';
mysql> FLUSH PRIVILEGES;
mysql> exit;

sudo service mysql restart

This worked for me - I forgot the login method needs to change from auth socket to password. Periodically I find it changes itself back, not sure why. — Leon Segal, Jan 25 '23 at 09:22

Ángel Ugarte · Answer 15 · 2022-08-30T01:00:51.407

3

First step: go to file /etc/phpmyadmin/config.inc.php, and then uncomment lines where you find "AllowNoPassword".

Second step: log in to your MySQL default account

mysql -u root -p

use mysql;
update user set plugin="" where user='root';
flush privileges;

And that's all!

edited Aug 30 '22 at 01:00

answered Apr 17 '18 at 20:00

Ángel Ugarte

91
1
4

What are the presumptions? That [phpMyAdmin](https://en.wikipedia.org/wiki/PhpMyAdmin) is already installed? What context was this tried in? What operating system/distribution/version? Cloud? [VPS](https://en.wikipedia.org/wiki/Virtual_private_server)? Own server? Own workstation? What was installed? For example, folder `/etc/phpmyadmin` ***doesn't exist*** by default on desktop [Ubuntu 18.04](https://en.wikipedia.org/wiki/Ubuntu_version_history#Ubuntu_18.04_LTS_.28Bionic_Beaver.29) (Bionic Beaver), even after Apache, PHP, and MariaDB have been installed. – Peter Mortensen Mar 02 '22 at 16:32
Please respond by [editing (changing) your question/answer](https://stackoverflow.com/posts/49886515/edit), not here in comments (***without*** "Edit:", "Update:", or similar - the answer should appear as if it was written today). – Peter Mortensen Mar 02 '22 at 16:32

score 3 · Answer 16 · edited Sep 21 '21 at 15:21

OS: Ubuntu 18.04 (Bionic Beaver)

MySQL: 5.7

Add the skip-grant-tables to the end of file mysqld.cnf

Copy the my.cnf file

sudo cp /etc/mysql/mysql.conf.d/mysqld.cnf /etc/mysql/my.cnf

Reset the password

(base) ➜  ~ sudo service mysql stop
(base) ➜  ~ sudo service mysql start
(base) ➜  ~ mysql -uroot
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.25-0ubuntu0.18.04.2 (Ubuntu)

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> use mysql
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed, 3 warnings
mysql> update mysql.user set authentication_string=password('newpass') where user='root' and Host ='localhost';
Query OK, 1 row affected, 1 warning (0.00 sec)
Rows matched: 1  Changed: 1  Warnings: 1

mysql> update user set plugin="mysql_native_password";
Query OK, 0 rows affected (0.00 sec)
Rows matched: 4  Changed: 0  Warnings: 0

mysql>  flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> quit
Bye

Remove the skip-grant-tables from my.cnf

(base) ➜  ~ sudo emacs /etc/mysql/mysql.conf.d/mysqld.cnf
(base) ➜  ~ sudo emacs /etc/mysql/my.cnf
(base) ➜  ~ sudo service mysql restart

Open the MySQL client

(base) ➜  ~ mysql -uroot -ppassword
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.25-0ubuntu0.18.04.2 (Ubuntu)

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

Check the password policy

mysql> select @@validate_password_policy;
+----------------------------+
| @@validate_password_policy |
+----------------------------+
| MEDIUM                     |
+----------------------------+
1 row in set (0.00 sec)


mysql> SHOW VARIABLES LIKE 'validate_password%';
+--------------------------------------+--------+
| Variable_name                        | Value  |
+--------------------------------------+--------+
| validate_password_dictionary_file    |        |
| validate_password_length             | 8      |
| validate_password_mixed_case_count   | 1      |
| validate_password_number_count       | 1      |
| validate_password_policy             | MEDIUM |
| validate_password_special_char_count | 1      |
+--------------------------------------+--------+
6 rows in set (0.08 sec)！

Change the configuration of the validate_password

mysql> set global validate_password_policy=0;
Query OK, 0 rows affected (0.05 sec)

mysql> set global validate_password_mixed_case_count=0;
Query OK, 0 rows affected (0.00 sec)

mysql> set global validate_password_number_count=3;
Query OK, 0 rows affected (0.00 sec)

mysql> set global validate_password_special_char_count=0;
Query OK, 0 rows affected (0.00 sec)

mysql> set global validate_password_length=3;
Query OK, 0 rows affected (0.00 sec)

mysql> SHOW VARIABLES LIKE 'validate_password%';
+--------------------------------------+-------+
| Variable_name                        | Value |
+--------------------------------------+-------+
| validate_password_dictionary_file    |       |
| validate_password_length             | 3     |
| validate_password_mixed_case_count   | 0     |
| validate_password_number_count       | 3     |
| validate_password_policy             | LOW   |
| validate_password_special_char_count | 0     |
+--------------------------------------+-------+
6 rows in set (0.00 sec)

Note

You should know that you error caused by what? validate_password_policy?

You should have decided to reset the your password to fill the policy or change the policy.

score 3 · Answer 17 · answered Oct 26 '22 at 09:26

This worked for me on mysql Ver 15.1:

$ sudo mysql

MariaDB [mysql]> use mysql;
MariaDB [mysql]> set password for 'root'@'localhost' = password('YOUR_ROOT_PASSWORD_HERE');
MariaDB [mysql]> flush privileges;
MariaDB [mysql]> quit

Login as 'root'

mysql -u root -p

Credits to Raoul HATTERER

score 2 · Answer 18 · answered Oct 27 '22 at 12:37

the answer given by @zetacu and @peter is very accurate but only part of it worked for me. Adding this here for users who are using

mysql  Ver 8.0.30-0ubuntu0.20.04.2 for Linux on x86_64 ((Ubuntu))

So, my user table looked like this:

mysql> SELECT User,Host,plugin FROM mysql.user;
+------------------+-----------+-----------------------+
| User             | Host      | plugin                |
+------------------+-----------+-----------------------+
| debian-sys-maint | localhost | caching_sha2_password |
| mysql.infoschema | localhost | caching_sha2_password |
| mysql.session    | localhost | caching_sha2_password |
| mysql.sys        | localhost | caching_sha2_password |
| pk               | localhost | auth_socket           |
| root             | localhost | auth_socket           |
+------------------+-----------+-----------------------+
6 rows in set (0.00 sec)

So, first I followed the second(recommended) option of replacing YOUR_SYSTEM_USER with the username you have. So, I created a new user with same approach but nothing worked.

Then I tried the first approach to set root user to use my_native_password plugin:

sudo mysql -u root
mysql> USE MySQL;
mysql> UPDATE user SET plugin='mysql_native_password' WHERE 
User='root';
mysql> FLUSH PRIVILEGES;
mysql> exit;

sudo service mysql restart

AND IT WORKED!!! SO, just create a new user and make it use my_native_password plugin.

score 1 · Answer 19 · edited Mar 02 '22 at 17:56

For those installing the latest MariaDB on macOS and following this tutorial in MariaDB's documentation, run:

sudo mariadb-secure-installation

instead of just the mariadb-secure-installation command given. Otherwise, no luck, despite the erroneous prompt:

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none):
ERROR 1698 (28000): Access denied for user 'root'@'localhost'
Enter current password for root (enter for none):
ERROR 1698 (28000): Access denied for user 'root'@'localhost'
Enter current password for root (enter for none):
Aborting!

score 0 · Answer 20 · edited Sep 21 '21 at 15:08

This has happened to me as well. The problem is with the MySQL repository that comes already with the Linux distribution. So when you simply do:

sudo apt install mysql-server

It installs MySQL from their default repository which gives this problem. So to overcome that you need to uninstall that installed MySQL:

sudo apt remove mysql* --purge --auto-remove

Then download the MySQL repository from official MySQL website MySQL APT repository.

Follow their documentation on how to add a repository and install it. This gives no issue.

Also as answered by zetacu, you can verify that the MySQL root user now indeed uses the mysql_native_password plugin.

score 0 · Answer 21 · edited Mar 02 '22 at 17:03

I have done the following steps to get rid of this issue.

Log in into the MySQL in your machine using (sudo mysql -p -u root) and hit the following queries.

CREATE USER 'jack'@'localhost' IDENTIFIED WITH mysql_native_password BY '<>';
GRANT ALL PRIVILEGES ON . TO 'jack'@'localhost';

SELECT user,plugin,host FROM mysql.user WHERE user = 'root';

+------+-------------+-----------+
| user | plugin      | host      |
+------+-------------+-----------+
| root | auth_socket | localhost |
+------+-------------+-----------+

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '<>';
FLUSH PRIVILEGES;

Please try it once if you are still getting the error. I hope this code will help you a lot!!

score 0 · Answer 22 · edited Mar 02 '22 at 17:24

0

For anyone that tried the solution here and nothing works, make sure you are using the correct command, sudo sudo mysql -u root -p and not mysql mysql -u root -p.

You'll need to enter two passwords, the one of the current user and the root one.

edited Mar 02 '22 at 17:24

Peter Mortensen

30,738
21
105
131

answered May 21 '21 at 01:47

Abderrahmene

11
1

It is indeed confusing. Is it a system user name or a MySQL user name (or they may be connected somehow)? Can you make it clearer in *[your](https://stackoverflow.com/posts/67629878/edit)* answer? E.g., what does "the root one" refer to? (But ***without*** "Edit:", "Update:", or similar - the answer should appear as if it was written today.) – Peter Mortensen Mar 02 '22 at 17:27

score -1 · Answer 23 · edited Sep 21 '21 at 13:37

-1

You want to access MySQL with root user but you're not providing root's correct password.

If you need to set a new password for root, MySQL's site has great documentation on how to do it: B.3.3.2 How to Reset the Root Password

I'll not show the process in here, because MySQL's documentation on the above link is clear and concise.

edited Sep 21 '21 at 13:37

Peter Mortensen

30,738
21
105
131

answered Sep 02 '16 at 00:36

Cristian Gonçalves

892
2
9
18

1

Thanks for the anwser, but I couldn't get it to work, so I have chosen to install iRedMail with a pgSQL database instead. – Folkmann Sep 02 '16 at 15:55
Roger Folkman! Good to know that you solved your problem any how. – Cristian Gonçalves Sep 02 '16 at 16:15
2

Links break. mysql.com has had many broken links over the years. You should copy and paste the relevant information here, which is fine as long you attribute the source. – Goose Jan 15 '18 at 22:31

ERROR 1698 (28000): Access denied for user 'root'@'localhost'

23 Answers23

A new version of MySQL does it this way

Note

Linked

Related