I’ve noticed that for each connection there is this warning in the Mysql error log:
[Warning] [MY-013360] [Server] Plugin mysql_native_password reported: ‘‘mysql_native_password’ is deprecated and will be removed in a future release. Please use caching_sha2_password instead’
On our highly visit site the error log grows realy rapidly
I checked one of my servers and found a 1.8 GB error log file for MySQL.
99.99% of the logs are warnings like:
Plugin mysql_native_password reported: ''mysql_native_password' is deprecated and will be removed in a future release. Please use caching_sha2_password instead'
In my case it might be happen because I connect on that server with external databases (or other server user connect with that server). Does this happen in your case @yuluma too?
EDIT
Like @yuluma already mentioned, all mysql database user are created with the “old” password hash plugin. But I’m courios why many of them don’t generate warnings and others not.
I have another with some warnings, but only a few hundred. Like I mentioned before, I think these warrnings exists because of non-localhost connections.
@finalwebsites all connections are from 1 shop connecting with localhost
there are solutions online:
ALTER USER 'username'@'host' IDENTIFIED WITH caching_sha2_password BY 'password';
but the question is: is this smart to do or should a fix come from within Cleavr?
Sure it’s possible to change that value (both plugins are installed), but I remember me that I forced the native password version (on two servers) for some other reasons.
Strange is that only one of my servers has all the log entries. I disabled the warnings inside the log files with:
log-error-verbosity = 1 inside the mysqld.conf file
I really like to know why the native password version is used for db users on new servers.
@amiedema, is there some context you can add to this issue?
Why is Cleavr using the “old” native password plugin?
Hello! We are currently exploring updated recommendations from MySQL and creating a plan for how we’ll handle new servers / MySQL installations and guidance on existing instances.
Stay tuned!
Thanks for the update!
Hello @yuluma and @finalwebsites,
We recently released an update that includes changes to the MySQL password plugin.
We are now using caching_sha2_password instead of mysql_native_password for all new database users created after this release.
Please try creating a new database and database user, and let us know if this resolves the warning.
We are also planning to publish a blog post soon that will explain how to update the plugin for existing database users.
Hi Anish, we haven’t deployed a new server yet, will look into this next time we will deploy a new one.
Please do update is as soon as you have the blog ready to fix this for existing servers 
Hello there,
To update the authentication plugin for an existing MySQL database user, you can SSH into the server and execute the following commands:
mysql -uroot
ALTER USER '{{ databaseUser }}'@'{{ host }}' IDENTIFIED WITH caching_sha2_password BY '{{ password }}';
FLUSH PRIVILEGES;
So in the near futur we will need to do that on every website instance?
Hello @KJ-Miller,
For existing database users, you will need to execute some manual SQL queries.
When creating a new database or database user, you can enable the Use caching_sha2_password plugin.
