Results 1 to 6 of 6
Thread: Password for MySQL
-
03-21-2011, 05:12 PM #1WHT Addict
- Join Date
- Mar 2011
- Posts
- 138
Password for MySQL
How insecure is it to have no password on MySQL if it is a local server only accessible via VNC not available to the outside world?
Thanks
P.S. I'm not fully sure this is the right section, but it is a dedicated server so it might be.
-
03-21-2011, 05:15 PM #2Newbie
- Join Date
- Mar 2011
- Posts
- 11
Why should it be insecure if you are the only one having access to the server.
-
03-21-2011, 05:16 PM #3Aspiring Evangelist
- Join Date
- Sep 2010
- Location
- Behind you...
- Posts
- 356
If you bound it to localhost in the config file it is only accessible for the local IP so you would be safe.
file1.info :: 50GB secure cloudstorage with filemanager
-
03-21-2011, 05:18 PM #4WHT Addict
- Join Date
- Dec 2005
- Location
- The Netherlands
- Posts
- 107
Because that would mean your users (if you trust them or not) could also login if they have the proper knowledge.
You have no idea's what customers all 'try' to see what they can do.
If the server is only used by you, no other users are using it, what you are suggesting might be relatively safe. However, how much effort is it to put a password on it (better an easy one than none).
-
03-21-2011, 05:25 PM #5WHT Addict
- Join Date
- Mar 2011
- Posts
- 138
Thanks everybody for the responses, that is what I thought but PhpMyAdmin says 'Your configuration file contains settings (root with no password) that correspond to the default MySQL privileged account. Your MySQL server is running with this default, is open to intrusion, and you really should fix this security hole by setting a password for user 'root'.' which just threw me off a bit.
@Mikej0h I am going to add a password soon, I just wanted to see if it was something that was critical. It's not too much effort but it means changing around a few files to fit the new credentials.
-
03-21-2011, 05:29 PM #6WHT Addict
- Join Date
- Dec 2005
- Location
- The Netherlands
- Posts
- 107
No problem, that's why we are here for...
In general it's always better to put a password on daemons if possible.
Being hacked (whatever the reason might be, let it just be a buggy phpMyAdmin) is never fun, and takes much time to resolve/restore.
Better be safe than sorry.
Similar Threads
-
MySQL Password
By JordanC26 in forum Hosting Security and TechnologyReplies: 5Last Post: 04-04-2009, 01:45 PM -
Mysql Root Password
By persianwhois in forum Hosting Security and TechnologyReplies: 6Last Post: 05-30-2008, 10:12 AM -
what is the password for mysql?
By asyui8 in forum Hosting Software and Control PanelsReplies: 0Last Post: 03-08-2003, 07:31 AM -
MySQL Password Problem
By about2flip in forum Dedicated ServerReplies: 5Last Post: 01-27-2003, 03:18 AM -
MySQL password exploit
By H4H in forum Hosting Security and TechnologyReplies: 1Last Post: 01-21-2003, 08:44 AM