database connection - mysql secure installation seems to be not secure

Question

After successful mysql_secure_installation

Output:

mysql_secure_installation
Enter current password for root (enter for none): 
Switch to unix_socket authentication [Y/n] n
Change the root password? [Y/n] y
New password:
MyBullPassword
Re-enter new password: 
MyBullPassword
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] n
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y

When I run:

mysql -u root -p

I AM able to connect to mysql without password or even with wrong password and instead of "access denied" message I'm connected to the MySQL server.

So I guess MySQL is not secured

Why? What am I doing wrong? Is is possible because I'm connected to the server as root? mysql gives me acssess even with wrong password?

OS: Centos 8 MySQL: MariaDB 10.5.8

question from:https://stackoverflow.com/questions/65541558/mysql-secure-installation-seems-to-be-not-secure

Answer 1

You have to check for few things in your installation:

• Socket connections - are they enabled or disabled
• User specific configuration in my.cnf

There is a lot of information how to perform these checks and how to fix your issue here - How to disable MySQL root logins when no password is supplied?