Forgot mysql ROOT password

[TotalPenguin]

So the only way to access it from localhost would mean that they have to hack your root, right?

[Tor]

I believe so.

[MarkA]

Yeah, I guess they have to! They will have to SSH or something...

[Tor]

If they have access to your hardware they can boot in single user mode and not have to put a password in at all. The point here is to keep your doors locked to your servers.

[MarkA]

But still.. even if they had hardware access.. they can't just log into the root account.. right?

[WingedPanther]

If they have a live CD, they can change the root password on your system and get access.

[Jordan]

A live CD would give them full access like WingedPanther stated. I believe when you boot in single user mode you do not have to supply a password for root either. If a person has physical access there is nothing your virtual security can really do.

[MarkA]

Waw.. that's.. that's.. that makes all security null... OMG!

[WingedPanther]

Thus the statement that you network is only as secure as your ability to keep people out. There was an experiment not long ago where a company was using RFID chips for their building access. A white-hat outfit used a scanner in front of the building to secretly copy the RFID code and gained access to the building. So much for "security". If you have access to the server, you can take it apart, put drives in other computers, etc. If I have your computer, I have your data.

[Tor]

The should use the key/code combination. For instance, they have the RFID chips and then they would need something else like a code only known to them. Or some form of ID.