From 9d816111d06f3e52df8aa19ea3660ff15c248d17 Mon Sep 17 00:00:00 2001 From: Grace Cai Date: Sat, 12 Oct 2024 17:21:53 +0800 Subject: [PATCH] resolve conflicts --- TOC.md | 11 ----------- best-practices-for-security-configuration.md | 6 ------ 2 files changed, 17 deletions(-) diff --git a/TOC.md b/TOC.md index af6fa215899f3..cdf187902e3e9 100644 --- a/TOC.md +++ b/TOC.md @@ -467,17 +467,6 @@ - [TiKV](/grafana-tikv-dashboard.md) - [TiFlash](/tiflash/monitor-tiflash.md) - [TiCDC](/ticdc/monitor-ticdc.md) -<<<<<<< HEAD - - Secure - - [Enable TLS Between TiDB Clients and Servers](/enable-tls-between-clients-and-servers.md) - - [Enable TLS Between TiDB Components](/enable-tls-between-components.md) - - [Generate Self-signed Certificates](/generate-self-signed-certificates.md) - - [Encryption at Rest](/encryption-at-rest.md) - - [Enable Encryption for Disk Spill](/enable-disk-spill-encrypt.md) - - [Log Redaction](/log-redaction.md) -======= - - [Resource Control](/grafana-resource-control-dashboard.md) ->>>>>>> fcaa5e3831 (Add security configuration documentation and migrate security docs di… (#18996)) - Privileges - [Security Compatibility with MySQL](/security-compatibility-with-mysql.md) - [Privilege Management](/privilege-management.md) diff --git a/best-practices-for-security-configuration.md b/best-practices-for-security-configuration.md index 1b684ce86f96d..404db2fb582f2 100644 --- a/best-practices-for-security-configuration.md +++ b/best-practices-for-security-configuration.md @@ -20,12 +20,6 @@ To avoid this risk, it is recommended to set a root password during deployment: - For deployments using TiUP, refer to [Deploy TiDB Cluster Using TiUP](/production-deployment-using-tiup.md#step-7-start-a-tidb-cluster) to generate a random password for the root user. - For deployments using TiDB Operator, refer to [Set initial account and password](https://docs.pingcap.com/tidb-in-kubernetes/stable/initialize-a-cluster#set-initial-account-and-password) to set the root password. -## Enable password complexity checks - -By default, TiDB does not enforce password complexity policies, which might lead to the use of weak or empty passwords, increasing security risks. - -To ensure that database users create strong passwords, it is recommended to configure a reasonable [password complexity policy](/password-management.md#password-complexity-policy). For example, configure a policy that requires passwords to include a combination of uppercase letters, lowercase letters, numbers, and special characters. By enforcing password complexity checks, you can improve database security, prevent brute force attacks, reduce internal threats, ensure compliance with regulations, and lower the risk of data breaches, thus enhancing overall security. - ## Change the default Grafana password TiDB installation includes the Grafana component by default, and the default username and password are typically `admin`/`admin`. If the password is not changed promptly, attackers could exploit this to gain control of the system.