Keep Passwords Secure
- It is convenient, but insecure to connect as follows:
- mysql -u user -ppassword db_name ;
- It is safer to connect as follows:
- mysql -u user db_name ;
Enter password: ********
- It is extremely insecure to store passwords in the MYSQL_PWD environment variable.
- Only users such as root that have update access to the mysql database can change the password for other users.
- The safest methods are to have the client program prompt for the password or to specify the password in a properly protected option file.
- On Linux, list the password in the [client] section of the ~/.my.cnf file:
[client]
password=password
- Set the permission mode for the ~/.my.cnf file to be 600.
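An added example (not part of the original slides) that applies the option-file and MYSQL_PWD advice above: it writes a [client] option file that is mode 600 from the moment it is created, and audits an existing setup. The function names are assumptions of this example, and the password is read from standard input so it never appears on a command line.

```shell
#!/bin/sh
# Added example: create and audit a MySQL client option file.
# Function names are hypothetical; pass the path of the option file,
# for example "$HOME/.my.cnf".

# Read a password from stdin (prompting without echo on a terminal)
# and write it to the [client] section of the given option file.
write_option_file() {
    file=$1
    [ -t 0 ] && { printf 'Enter password: ' >&2; stty -echo; }
    IFS= read -r password
    [ -t 0 ] && { stty echo; echo >&2; }
    ( umask 077                      # a new file is created as 0600
      printf '[client]\npassword=%s\n' "$password" > "$file" )
    chmod 600 "$file"                # also tightens a pre-existing file
}

# Print the octal permission mode (GNU stat, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Return 0 if the environment and option file follow the advice above,
# 1 otherwise. Findings are written to stderr.
audit_client_password() {
    file=$1 rc=0
    if [ -n "${MYSQL_PWD:-}" ]; then
        echo "MYSQL_PWD is set in the environment" >&2
        rc=1
    fi
    if [ -f "$file" ]; then
        mode=$(file_mode "$file")
        if [ "$mode" != "600" ]; then
            echo "$file has mode $mode, expected 600" >&2
            rc=1
        fi
    fi
    return $rc
}
```

Call `write_option_file "$HOME/.my.cnf"` once to create the file, then run `audit_client_password "$HOME/.my.cnf"` from a login script or a periodic check.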
Does MySQL support secure connections?
© 2007 John Michael Pierobon