MySQL Bugs: #76756: mysqld --initialize produces unusable password

Bug #76756	mysqld --initialize produces unusable password
Submitted:	20 Apr 2015 14:26	Modified:	7 May 2015 5:10
Reporter:	Todd Farmer (OCA)	Email Updates:
Status:	Won't fix	Impact on me:	None
Category:	MySQL Server: Installing	Severity:	S3 (Non-critical)
Version:	5.7.7	OS:	Any
Assigned to:		CPU Architecture:	Any

Description:
When running mysqld --initialize, a password for root@localhost can be generated with a leading forward slash or hyphen, both of which appear to cause problems logging in.  For example:

mysql> CREATE USER test@localhost IDENTIFIED BY '-1234';
Query OK, 0 rows affected (0.00 sec)

mysql> exit
Bye

R:\ade\mysql-5.7.8-rc-winx64>bin\mysql -utest -p-1234 -P3310
mysql: [Warning] Using a password on the command line interface can be insecure.

ERROR 1045 (28000): Access denied for user 'test'@'localhost' (using password: Y
ES)

R:\ade\mysql-5.7.8-rc-winx64>bin\mysql -utest -p\-1234 -P3310
mysql: [Warning] Using a password on the command line interface can be insecure.

ERROR 1045 (28000): Access denied for user 'test'@'localhost' (using password: Y
ES)

R:\ade\mysql-5.7.8-rc-winx64>bin\mysql -utest -p"-1234" -P3310
mysql: [Warning] Using a password on the command line interface can be insecure.

ERROR 1045 (28000): Access denied for user 'test'@'localhost' (using password: Y
ES)

How to repeat:
Review code, note that hyphen and forward slash characters can be chosen as part of random password generation.

Suggested fix:
Identify and eliminate all special characters which cannot be used directly as a password.