How to fix MySQL 3636 This authentication position must use FIDO2?

Use FIDO2 for the required factor: Assigns FIDO2 as required by the authentication policy.

3636

MySQLERRORNotableAccess ControlHIGH confidence

This authentication position must use FIDO2

Production Risk

Low — ALTER USER fails; existing account configuration is unchanged.

How to reproduce

trigger — this will error

ALTER USER 'user'@'%' ADD 2 FACTOR IDENTIFIED WITH authentication_ldap_sasl; -- policy requires fido

expected output

ERROR 3636 (HY000): Authentication factor 2 must use FIDO2.

Fix

Use FIDO2 for the required factor

ALTER USER 'user'@'%' ADD 2 FACTOR IDENTIFIED WITH authentication_fido;

Why this works

Assigns FIDO2 as required by the authentication policy.

What not to do

Version notes

Sources

MySQL 8.0 — 3636 ER_AUTHENTICATION_FACTOR_MUST_BE_FIDO2

Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev

At a glance

PlatformMySQL Error Numbers

Code3636

ClassAccess Control

SeverityERROR

TierNotable

ConfidenceHIGH