Joomla and MySQL 8
From Joomla! Documentation
MySQL Default Authentication Plugin Issue[edit]
It is possible to connect to a MySQL 8 Database using Joomla , however it requires a customisation on the MySQL 8 installation configuration. The reason is that MySQL 8 has many low-level changes including the default authentication plugin changing to sha256_password from mysql_native_password. The native PHP MySQL-Driver doesn't currently support MySQL 8 with this plugin. PHP 7.3 (alpha) is supporting MySQL 8 though.
MySQL Configuration Change to Get Joomla Working with MySQL 8[edit]
If you edit the configuration file for MySQL 8, you can change the default authentication plugin for MySQL to use the older mysql_native_password. Open your configuration file sudo nano /etc/my.cnf. (Note that your file may be under a different directory.) Add this configuration:
[mysqld]
default-authentication-plugin=mysql_native_password
If you don't have access to your config file, you can update your user:
ALTER USER 'username'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
Replace username with the name of the user account and password with the password belonging to the account. Restart MySQL and you are done. Well, only if you have Joomla 3.8 or 3.9 installed.
How MySQL Default Authentication Plugin Works[edit]
The advantage of mysql_native_password is that it supports the challenge/response mechanism which is quick and does not require encrypted connection. However, mysql_native_password relies on SHA1 algorithm and NIST has recommended to stop using it.
Further, if two user accounts use the same password, mysql_native_password transformation is the same in the mysql.user table. Although the hash does not expose information about the actual password, it still tells which two users use the same password. To avoid that, a salt should be used. A salt is a random number that is used as one of the parameters to cryptographic hash functions used to transform user passwords. Since a salt is random and different for each execution, even if two users use the same passwords, the end result of transformation would look different.
Since MySQL 5.6, the sha256_password authentication plugin is supported. It uses multiple rounds of SHA256 hash on a salted password to make sure that the hash transformation is more secure. However, it requires either encrypted connections or support for an RSA key pair. So, while password security is stronger, secure connections and multiple rounds of hash transformations require more time in the authentication process.
The caching_sha2_password tries to combine the best of both worlds. [1]