MySQL security best practices
Many IBM Cloud® users rely on MySQL for their database solution. Because databases house various important and sensitive information, make sure to secure MySQL databases to protect your information. Security practices for MySQL are dependent upon individual needs and business requirements. However, you can use best practices for getting started. Make sure that you align with the following tips to get a head start in securing your MySQL database.
- Set the root MySQL password.
- Delete the test account and database that were created during the initial installation of MySQL.
- Make sure that each individual MySQL account password is set.
- Grant privileges on an as-needed basis. Avoid granting global privileges unnecessarily.
- Don't use wildcards in the hostname value that is associated with accounts.
- Periodically review an account's MySQL users and databases to make sure that the permissions that are defined are valid.
- Don't use passwords in the command line with the command
shell>mysql -u root - password=somepassword mysql
Use the following command to grant any other user with command line access to pull the password with the command shell>ps
. Use the command shell>mysql -u root -p mysql
to be prompted for password entry, instead.
This command secures your password.
More resources
Start with the MySQL security guidelines that are based on the version of MySQL that is on your device:
MySQL has various extra resources that are not managed by IBM Cloud® that might be helpful. You can also find resources that are not managed by MySQL. Find these resources by searching for "MySQL Security" in any search engine. Because third-party resources are not maintained by the makers of MySQL, use this information with caution. As with all resources, use trusted sites and refer to official documentation and support sites whenever possible.