You can expire the passwords of users for a specific interval; after this, they need to change their password.
When an application developer asks for database access, you can create the account with a default password and then set it to expire. You can share the password with the developers, then they have to change the password to continue using MySQL.
All the accounts are created with a password expiry equal to the default_password_lifetime variable, which is disabled by default:
- Create a user with an expired password. When the developer logs in for the first time and tries to execute any statement, ERROR 1820 (HY000): is thrown. The password must be reset using the ALTER USER statement before executing ...