MySQL security best practices

Many IBM Cloud® users rely on MySQL for their database solution. Because databases house various important and sensitive information, make sure to secure MySQL databases to protect your information. Security practices for MySQL are dependent upon individual needs and business requirements. However, you can use best practices for getting started. Make sure that you align with the following tips to get a head start in securing your MySQL database.

• Set the root MySQL password.
• Delete the test account and database that were created during the initial installation of MySQL.
• Make sure that each individual MySQL account password is set.
• Grant privileges on an as-needed basis. Avoid granting global privileges unnecessarily.
• Don't use wildcards in the hostname value that is associated with accounts.
• Periodically review an account's MySQL users and databases to make sure that the permissions that are defined are valid.
• Don't use passwords in the command line with the command shell>mysql -u root - password=somepassword mysql

Use the following command to grant any other user with command line access to pull the password with the command shell>ps. Use the command shell>mysql -u root -p mysql to be prompted for password entry, instead. This command secures your password.