I recently helped a client purchase a Windows VPS from GoDaddy. We're very pleased with the server so far. One of the things we wanted to do was run MySQL on the server, and MySQL 5.6 came pre-installed. Nice right? Well, not really. In fact, very much not nice.
A normal install of MySQL, according to the documentation, would set the initial root password to the empty string. I understand if GoDaddy thinks that an empty password isn't secure, and sets it to something other than the empty string. But if they do, shouldn't they tell us what the password is?
OK, no problem, I'll chat with support and find out how to get in. So I get server support. But I cannot convince they guy that I don't need a password to the Windows server itself. I spent 45 minutes in chat, and got nowhere. He told me to reset the server password (to the box itself), and to create a domain in Plesk. He even asked if I knew how to manage a server, which was funny, because he was the one who didn't understand the problem. I could not convince him that the password to MySQL had nothing to do with the username and password to the box itself.
MySQL is an extra piece of software, installed as a convenience to the buyer. As I said, a default installation would have left the password empty, and I could have gotten in to use it if they had followed that default. But they didn't.
In the end, after wasting 2 hours trying multiple ideas and trying to reset the password, I just uninstalled MySQL and reinstalled it. That worked like a charm. I'm in and it's working great. But now I've wasted nearly 3 hours when I could have just installed the whole thing from scratch in 30 minutes.
The bottom line is that the server image has an install of MySQL that doesn't follow the documented standard of leaving the root password empty, and that's OK if you tell your users what the password is. But since you don't, it cost me a whole lot of wasted time and effort. It would have been much easier, and much less time-consuming, if you hadn't bothered to put it on the server to begin with.
At the very least, please make sure that server support understands that the database engines that come pre-installed have their own usernames and passwords, and that they are INDEPENDENT of the box itself. I know SQL Server can be tied to the user's credentials on the box, but some users don't want to use it that way. Anyway, if you choose to improve security by setting a password that isn't the default, then tell your customers what the password is.
GoDaddy generally has awesome support. But this time it fell short of acceptable.