So this is a new approach… No longer allowing password based auth for the DB root solves a whole lot of possible security snafu’s, but at the expense of some friction in learning ‘the new way’

The idea with the new set-up is that you shouldn’t be using passwords at all.

What’s especially relevant is the contents of /usr/share/doc/mariadb-server-10.0/README.Debian.gz on Ubuntu 16.04:

“Scripts should run as a user have have the required grants and be identified via unix_socket.
So it looks like passwords should no longer be used by applications.”