90

Using this command

GRANT ALL PRIVILEGES ON *.* to 'brian'@'%' identified by 'password';

I try to login with:

 mysql -u brian -ppassword

The error is:

ERROR 1045 (28000): Access denied for user 'brian'@'localhost' (using password: YES)

I am doing this as root and I did try to flush privileges.

I tried this with countless users but it does not seem to work. I can create a user with no password and login works. Command line and from phpmyadmin

Also check to see if the user was in mysql.user which it is.

Show grants for brian shows:

| GRANT ALL PRIVILEGES ON *.* TO 'brian'@'%' IDENTIFIED BY PASSWORD '*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19' |
Improve this question
1
  • Hmm... what does SHOW GRANTS FOR brian@%; return?
    – Powerlord
    Commented Sep 11, 2009 at 17:50

14 Answers 14

Reset to default
191

You probably have this perpetual MySQL problem where one of the default users in the user table is '' @ localhost, which winds up denying all localhost users later in the table. What I would do is mysqldump the mysql database and look for this entry in the User table; if found, delete it and flush privileges.

For more details see https://dev.mysql.com/doc/refman/5.5/en/connection-access.html.

It is a common misconception to think that, for a given user name, all rows that explicitly name that user are used first when the server attempts to find a match for the connection. This is not true. The preceding example illustrates this, where a connection from h1.example.net by jeffrey is first matched not by the row containing 'jeffrey' as the User column value, but by the row with no user name. As a result, jeffrey is authenticated as an anonymous user, even though he specified a user name when connecting.

Improve this answer
8
  • 1
    I do have that in fact. is there a better way without impacting my production.
    – Brian G
    Commented Sep 11, 2009 at 17:51
  • Well, you could move your newly created entries before it, if you don't want to get rid of it, I guess. But as long as it's there, it's going to keep doing this to new users. If you're worried about getting rid of it, you should probably dig around the MySQL docs for why it's there, which I'm sure there's some weird reason for but I can't recall right now.
    – chaos
    Commented Sep 11, 2009 at 18:01
  • Any more information on this. I am almost positive this is my issue. but I cannot find any more information on it.
    – Brian G
    Commented Sep 14, 2009 at 13:23
  • dev.mysql.com/doc/refman/5.1/en/default-privileges.html has something about the 'anonymous accounts' that this empty-username accounts are apparently meant to be. Nothing there seems to be indicating that there's any downside to removing them.
    – chaos
    Commented Sep 14, 2009 at 14:24
  • 6
    If you're using mysql on a Debian system like, the BEST way to solve this problem is by executing mysql_secure_installation (root privileges needed).
    – BigBlast
    Commented Feb 9, 2017 at 21:39
48

This is a problem caused by the anonymous users. Once I install MySQL I always run 

shell> mysql_secure_installation

and select to set/change the root password, remove anonymous users, disallow remote root login, remove the test database. This will remove the anonymous user and secure your installation. It should also solve the problem you have.

Improve this answer
1
  • If feel this is really the correct answer, at least for anything other than complete demo databases. In a way it seems that mysql is being sensible by preventing user logins before doing this (and removing anonymous users), since it is a big red flag that an installation is insecure.
    – Phil
    Commented Aug 27, 2013 at 19:59
23 
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
Improve this answer
2
  • 1
    This worked for me as well, but can you explain the logic?
    – blackirishman
    Commented Oct 13, 2015 at 17:24
  • 2
    @blackirishman Privilege changes aren't taking effect until you flush the old permissions and the new ones are instated. I'm sure this would be done automatically on phpmyadmin. This worked for me too! Thank you.
    – logicbloke
    Commented Oct 22, 2018 at 17:01
23

None of the solutions provided here worked. After loads of error and trial I realised that I had special characters in the password. Changing password without special characters solved the issue

Improve this answer
6
  • 2
    I didn't have to remove the special characters just had to use the -p option to prompt me for the password.
    – ccjjmartin
    Commented Jun 7, 2016 at 4:28
  • 1
    This was it for me. I think the problem was that when I set the password, the '\' character in it wasn't interpreted literally, but when I tried to log in with the new user, it was.
    – jfla
    Commented Aug 22, 2017 at 18:37
  • Any/all/some of the following characters were culprit & ? ^ \
    – AnkitK
    Commented Sep 27, 2018 at 11:00
  • 4
    I figured out spaces and the following characters should be avoided " ' $ , [ ] * ? { } ~ # % \ < > | ^ ;
    – Mehdi Nellen
    Commented Nov 15, 2018 at 18:17
  • Took me ages to realise this. I used an online random password generator to come up with the password which contained one of these special characters.
    – BadHorsie
    Commented Feb 16, 2020 at 23:00
7

The mysql docs have this to say: (from http://dev.mysql.com/doc/refman/5.1/en/adding-users.html):

Two of the accounts have a user name of monty and a password of some_pass. Both accounts are superuser accounts with full privileges to do anything. The 'monty'@'localhost' account can be used only when connecting from the local host. The 'monty'@'%' account uses the '%' wildcard for the host part, so it can be used to connect from any host.

It is necessary to have both accounts for monty to be able to connect from anywhere as monty. Without the localhost account, the anonymous-user account for localhost that is created by mysql_install_db would take precedence when monty connects from the local host. As a result, monty would be treated as an anonymous user. The reason for this is that the anonymous-user account has a more specific Host column value than the 'monty'@'%' account and thus comes earlier in the user table sort order.

With this in mind I would recommend you create a 'brian'@'localhost' user with the same privileges.

Improve this answer
1
  • 1
    <sarcasm>What a beautiful design decision!</sarcasm>
    – jweyrich
    Commented Jun 22, 2017 at 20:48
5

Finally this worked for me:

MariaDB [(none)]> drop user ''@'localhost';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
Improve this answer
3

You forgot the quotes around brian in your grant statement. Try it like this:

GRANT ALL PRIVILEGES ON *.* to 'brian'@'%' identified by 'password';

Improve this answer
0
3

I think 'Russell Silva' is right...

I created an user by

CREATE USER 'username'@'%' PASSWORD='userpassword';

But I cannot login in this account.The console told me that 

ERROR 1045 (28000): Access denied for user 'username'@'localhost' (using password: YES)

So I created an user with the same username except that changing '%' to 'localhost',and I could finally login in as 'username'. It's quite weird for me though.

Improve this answer
1
  • 2
    'username'@'%' means 'username' can login to DB from any client machine. 'username'@'localhost' means 'username' can only login from same machine where DB is installed.
    – Himalaya Garg
    Commented Sep 15, 2021 at 9:16
3

Change to native password using this command:

ALTER USER 'username'@'hostname' IDENTIFIED WITH mysql_native_password BY 'password';
Improve this answer
1

In my case it was due to me clicking "SSL: REQUIRE SSL" (in phpmyadmin). When I changed it to "REQUIRE NONE" I could log in.

Improve this answer
1
  • This fixed it for me with phpmyadmin 4.5.4.1deb2ubuntu2. Cheers! Never had this issue with previous phpmyadmin versions that I know off.
    – 10us
    Commented Sep 27, 2017 at 9:06
0

You can also connect from another host and then the localhost anonymous user is bypassed and you can remove it and flush privileges:

mysql -u brian -ppassword -h 'other_host_than_localhost'
Improve this answer
0

I had a similar problem attempting to connect to a Maria DB running on Ubuntu after upgrading to 17.04.

The default was to listen only on localhost, 127.0.0.1.

To make MySQL/Maria listen on all available ports and interfaces I needed to explicitly specify bind-address=0.0.0.0. I added this line to the end of the file /etc/mysql/my.cnf, i.e.

...
[client-server]

# Import all .cnf files from configuration directory

!includedir /etc/mysql/conf.d/
!includedir /etc/mysql/mariadb.conf.d/
bind-address=0.0.0.0

Then...

sudo /etc/init.d/mysql restart
Improve this answer
-1

Similar problem occurred for me even after verifying i haven't entered a wrong password, i couldn't login. Below two steps solved my problem.

  1. Dropping test database
  2. Deleting anonymous user
Improve this answer
1
  • Dropping test database you could have burned out the whole pc, I have a feeling it would also have solved the problem...
    – Sebas
    Commented Jan 21, 2016 at 0:47
-1

stupidest thing ... special characters in the root password are okay but NOT for a user?!?!?! Removed any !@#$%^&*()_+~ characters from the user password and it worked.

Improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.