Bug #76756 mysqld --initialize produces unusable password
Submitted: 20 Apr 2015 14:26 Modified: 7 May 2015 5:10
Reporter: Todd Farmer (OCA) Email Updates:
Status: Won't fix Impact on me:
None 
Category:MySQL Server: Installing Severity:S3 (Non-critical)
Version:5.7.7 OS:Any
Assigned to: CPU Architecture:Any

[20 Apr 2015 14:26] Todd Farmer
Description:
When running mysqld --initialize, a password for root@localhost can be generated with a leading forward slash or hyphen, both of which appear to cause problems logging in.  For example:

mysql> CREATE USER test@localhost IDENTIFIED BY '-1234';
Query OK, 0 rows affected (0.00 sec)

mysql> exit
Bye

R:\ade\mysql-5.7.8-rc-winx64>bin\mysql -utest -p-1234 -P3310
mysql: [Warning] Using a password on the command line interface can be insecure.

ERROR 1045 (28000): Access denied for user 'test'@'localhost' (using password: Y
ES)

R:\ade\mysql-5.7.8-rc-winx64>bin\mysql -utest -p\-1234 -P3310
mysql: [Warning] Using a password on the command line interface can be insecure.

ERROR 1045 (28000): Access denied for user 'test'@'localhost' (using password: Y
ES)

R:\ade\mysql-5.7.8-rc-winx64>bin\mysql -utest -p"-1234" -P3310
mysql: [Warning] Using a password on the command line interface can be insecure.

ERROR 1045 (28000): Access denied for user 'test'@'localhost' (using password: Y
ES)

How to repeat:
Review code, note that hyphen and forward slash characters can be chosen as part of random password generation.

Suggested fix:
Identify and eliminate all special characters which cannot be used directly as a password.