When working with phpMyAdmin on Ubuntu's LAMP stack, you might encounter the frustrating message: Login without a password is forbidden by configuration (see AllowNoPassword). This occurs because modern phpMyAdmin installations prioritize security over convenience by default.
To allow empty password login, you'll need to modify phpMyAdmin's configuration. Locate the config file (typically at /etc/phpmyadmin/config.inc.php) and add this line:
$cfg['Servers'][$i]['AllowNoPassword'] = true;
For newer Ubuntu versions, you might find this setting in:
/etc/phpmyadmin/config.inc.php
or
/usr/share/phpmyadmin/config.inc.php
Even after modifying phpMyAdmin's config, your MySQL user needs proper privileges. Connect to MySQL as root and run:
GRANT ALL PRIVILEGES ON *.* TO 'username'@'localhost' IDENTIFIED BY '';
FLUSH PRIVILEGES;
While this solution works, consider these security implications:
- Never use empty passwords on production servers
- Limit access with proper firewall rules
- Consider using
mysql_secure_installationfor basic hardening
If the solution doesn't work immediately:
- Restart Apache:
sudo service apache2 restart - Check file permissions on config files
- Verify the configuration file path with
sudo updatedb && locate config.inc.php
For Ubuntu 20.04+ users, you might need to edit an additional file:
/etc/dbconfig-common/phpmyadmin.conf
And modify the line:
dbc_dbpass=''
When working with phpMyAdmin on Ubuntu LAMP stack, you might encounter the frustrating error: "Login without a password is forbidden by configuration (see AllowNoPassword)". This occurs when your MySQL root user has no password set ('') but phpMyAdmin's security configuration prevents empty password logins by default.
Modern phpMyAdmin installations come with enhanced security configurations that:
- Prevent unauthorized access to databases
- Comply with security best practices
- Reduce vulnerability to brute force attacks
For development environments where security isn't critical, you can modify phpMyAdmin's config:
sudo nano /etc/phpmyadmin/config.inc.php
Add or modify this line:
$cfg['Servers'][$i]['AllowNoPassword'] = true;
Then restart Apache:
sudo service apache2 restart
The proper solution is to set a password for your MySQL root user:
mysql -u root mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'your_new_password'; mysql> FLUSH PRIVILEGES;
Then update phpMyAdmin's configuration:
sudo nano /etc/phpmyadmin/config-db.php
Update these lines:
$dbuser='root'; $dbpass='your_new_password';
For better security, create a specific user for phpMyAdmin:
mysql -u root -p mysql> CREATE USER 'pma_user'@'localhost' IDENTIFIED BY 'secure_password'; mysql> GRANT ALL PRIVILEGES ON *.* TO 'pma_user'@'localhost' WITH GRANT OPTION; mysql> FLUSH PRIVILEGES;
Then update phpMyAdmin's config:
$cfg['Servers'][$i]['user'] = 'pma_user'; $cfg['Servers'][$i]['password'] = 'secure_password';
- Verify file permissions:
sudo chmod 644 /etc/phpmyadmin/config.inc.php
- Check error logs:
sudo tail -f /var/log/apache2/error.log
- Ensure MySQL is running:
sudo service mysql status