I recently helped a client purchase a Windows VPS from GoDaddy. We're very pleased with the server so far. One of the things we wanted to do was run MySQL on the server, and MySQL 5.6 came pre-installed. Nice right? Well, not really. In fact, very much not nice.
A normal install of MySQL, according to the documentation, would set the initial root password to the empty string. I understand if GoDaddy thinks that an empty password isn't secure, and sets it to something other than the empty string. But if they do, shouldn't they tell us what the password is?
OK, no problem, I'll chat with support and find out how to get in. So I get server support. But I cannot convince they guy that I don't need a password to the Windows server itself. I spent 45 minutes in chat, and got nowhere. He told me to reset the server password (to the box itself), and to create a domain in Plesk. He even asked if I knew how to manage a server, which was funny, because he was the one who didn't understand the problem. I could not convince him that the password to MySQL had nothing to do with the username and password to the box itself.
MySQL is an extra piece of software, installed as a convenience to the buyer. As I said, a default installation would have left the password empty, and I could have gotten in to use it if they had followed that default. But they didn't.
In the end, after wasting 2 hours trying multiple ideas and trying to reset the password, I just uninstalled MySQL and reinstalled it. That worked like a charm. I'm in and it's working great. But now I've wasted nearly 3 hours when I could have just installed the whole thing from scratch in 30 minutes.
The bottom line is that the server image has an install of MySQL that doesn't follow the documented standard of leaving the root password empty, and that's OK if you tell your users what the password is. But since you don't, it cost me a whole lot of wasted time and effort. It would have been much easier, and much less time-consuming, if you hadn't bothered to put it on the server to begin with.
At the very least, please make sure that server support understands that the database engines that come pre-installed have their own usernames and passwords, and that they are INDEPENDENT of the box itself. I know SQL Server can be tied to the user's credentials on the box, but some users don't want to use it that way. Anyway, if you choose to improve security by setting a password that isn't the default, then tell your customers what the password is.
GoDaddy generally has awesome support. But this time it fell short of acceptable.
First this first @ChrisCollinsGSC. Thank you for taking the time to document your situation. Your post is very well written and conveys in detail your experience. Stories like yours often drives change and I'm sure that the support team will be glad to be informed about this?
Second, I'm sorry that you had to go through this. Kudos to you for using the live chat support and attempting to work this situation out. Like you I was under the impression that the password started blank but I can understand why it would be populated with something.
Way back in the day Windows systems would install with no password. I worked setting up new machines to be deployed to employees. Since there was no default password we created a install that made the default password eatlgrey (the tea choice of my then boss). Once the computer was deployed the user was expected to change it which often never happened. We later went to a default password of pleasechangeme but oddly enough even that did not prompt some users to change their password. Disclaimer: if you are reading this and you are thinking "Why would you setup a computer like that?" know that this was before computer network accounts and logins in what now seems like the old days.
What I'm thinking @ChrisCollinsGSC is that your MySQL password is setup by default with a password that you should change? If there was a standard password and we posted it here that would be just as unsecured as no password? What I'd tell anyone else in your situation is to Reset your MySQL database password. Odds are the default password is difficult to remember and you'd change it anyway? I know how valuable the hours can be. I hope that helps?
roy darling *my posts seem a lot shorter in my head