MySQLWARNINGNotableSecurityHIGH confidence

Sending passwords in plain text is insecure

Enable SSL/TLS for all connections: Forces all connections to use encrypted transport, protecting credentials in transit.

Production Risk

High — credentials exposed in plaintext.

What this means

A password or authentication credential is being transmitted over an unencrypted connection, which is a security risk.

Why it happens

1Client connecting to MySQL without SSL/TLS while using password authentication.
2CHANGE MASTER TO ... MASTER_PASSWORD specified without an encrypted connection to the master.

How to reproduce

trigger — this will error

-- Triggered when plaintext credentials traverse an unencrypted channel

expected output

Warning (Code 1759): Sending passwords in plain text without SSL/TLS is extremely insecure.

Fix

Enable SSL/TLS for all connections

-- In my.cnf:
[mysqld]
require_secure_transport = ON

Why this works

Forces all connections to use encrypted transport, protecting credentials in transit.

What not to do

Sources

MySQL 8.0 — 1759 ER_INSECURE_PLAIN_TEXT

Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev

At a glance

PlatformMySQL Error Numbers

Code1759

ClassSecurity

SeverityWARNING

TierNotable

ConfidenceHIGH