diff --git a/app/Commands/MariadbInstallCommand.php b/app/Commands/MariadbInstallCommand.php
index 3e696d5..a94d556 100644
--- a/app/Commands/MariadbInstallCommand.php
+++ b/app/Commands/MariadbInstallCommand.php
@@ -8,10 +8,19 @@ use Illuminate\Support\Facades\File;
 
 use App\Facades\Install;
 
-use Log;
+use Hackzilla\PasswordGenerator\Generator\ComputerPasswordGenerator;
+use Hackzilla\PasswordGenerator\RandomGenerator\Php7RandomGenerator;
 
+/**
+ *
+ *
+ *  
+ */
 class MariadbInstallCommand extends Command
 {
+    const MCP_LOG_FILE = '/root/mcp.log';
+    const PASSWORD_LENGTH = 40;
+
     /**
      * The signature of the command.
      *
@@ -38,22 +47,45 @@ class MariadbInstallCommand extends Command
         exec('apt update 2>&1');
         exec('apt install -y mariadb-server mariadb-client 2>&1');
 
-        $link = mysqli_connect('127.0.0.1', 'root', $password);
+        if (Install::isReady('mariadb-server mariadb-client')) {
+
+            $this->info('Mariadb setup...');
 
-        //exec('UPDATE mysql.user SET Password=PASSWORD('${install_mysql_password}') WHERE User='root';');
-        //mysql_query("UPDATE mysql.user SET Password=PASSWORD('$password') WHERE User='root';");
-        //
+            // generate password
+            $generator = new ComputerPasswordGenerator();
+            $generator->setRandomGenerator(new Php7RandomGenerator())
+                ->setUppercase()
+                ->setLowercase()
+                ->setUppercase()
+                ->setNumbers()
+                ->setSymbols(false)
+                ->setLength(self::PASSWORD_LENGTH);
 
-        //mysqli_close($link);
+            // getting password for root
+            $password = $generator->generatePasswords()[0];
 
-        if (Install::isReady('mariadb-server mariadb-client')) {
+            // remove plugin for root and set password
+            exec('sudo mysql -u root -e "UPDATE mysql.user SET Password=PASSWORD(\''.$password.'\') WHERE User=\'root\';"');
+            exec('sudo mysql -u root -e "UPDATE mysql.user SET plugin=\'\' where User=\'root\';"');
+
+            // delete anonymous user
+            exec('sudo mysql -u root -e "DELETE FROM mysql.user WHERE User=\'\';"');
+
+            // make sure root can only access from local
+            exec('sudo mysql -u root -e "DELETE FROM mysql.user WHERE User=\'root\' AND Host NOT IN (\'localhost\', \'127.0.0.1\', \'::1\');"');
+
+            // drop test database and anthing familiar
+            exec('sudo mysql -u root -e "DROP DATABASE IF EXISTS test;"');
+            exec('sudo mysql -u root -e "DELETE FROM mysql.db WHERE Db=\'test\' OR Db=\'test_%\';"');
+
+            // update privileges
+            exec('sudo mysql -u root -e "FLUSH PRIVILEGES;"');
 
-            // get status of nginx
-            exec('nginx -v 2>&1', $output);
-            $status = "$output[0] installed";
+            $this->info('Success! \o/ Check /root/mcp.log');
+            file_put_contents(self::MCP_LOG_FILE, "Mariadb installed\nuser:root\npassword:".$password."\n--\n", FILE_APPEND);
 
-            $this->info($status);
-            Log::info($status);
+        } else {
+            $this->error('Failed! /o\\');
         }
     }
 }
diff --git a/composer.json b/composer.json
index 0a2525b..a2243a7 100644
--- a/composer.json
+++ b/composer.json
@@ -17,6 +17,7 @@
     ],
     "require": {
         "php": "^7.2.5",
+        "hackzilla/password-generator": "^1.5",
         "illuminate/log": "^7.0",
         "jenssegers/blade": "^1.3",
         "laminas/laminas-text": "^2.7",
diff --git a/composer.lock b/composer.lock
index 7f4a52d..992c3e4 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
         "This file is @generated automatically"
     ],
-    "content-hash": "0e8b08aebfaf581a3ebfba5152ff8a4c",
+    "content-hash": "a22606a0d481725bb8b9a8595631a8b8",
     "packages": [
         {
             "name": "beberlei/assert",
@@ -336,6 +336,46 @@
             ],
             "time": "2020-06-14T09:00:00+00:00"
         },
+        {
+            "name": "hackzilla/password-generator",
+            "version": "1.5.0",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/hackzilla/password-generator.git",
+                "reference": "22c7af49ef46d349d60af0fa30f61dd4dec53330"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/hackzilla/password-generator/zipball/22c7af49ef46d349d60af0fa30f61dd4dec53330",
+                "reference": "22c7af49ef46d349d60af0fa30f61dd4dec53330",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=7.1.0"
+            },
+            "require-dev": {
+                "phpunit/phpunit": "^7.0|^8.0|^9.0"
+            },
+            "type": "library",
+            "autoload": {
+                "psr-4": {
+                    "Hackzilla\\PasswordGenerator\\": ""
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Daniel Platt",
+                    "email": "github@ofdan.co.uk",
+                    "homepage": "http://www.hackzilla.org"
+                }
+            ],
+            "description": "Password Generator Library",
+            "time": "2020-04-06T15:47:25+00:00"
+        },
         {
             "name": "illuminate/cache",
             "version": "v7.18.0",
diff --git a/install.sh b/install.sh
index c67a19d..b3755b3 100755
--- a/install.sh
+++ b/install.sh
@@ -9,7 +9,7 @@ set -o pipefail
 set -o nounset
 
 # installing dependencies
-apt install -y php-cli php-mbstring php-dom git unzip curl composer ufw fail2ban
+apt install -y php-cli php-mbstring php-dom php-mysql git unzip curl composer ufw fail2ban
 
 #
 # configure ufw and start