PDA

View Full Version : MySql + phpMyAdmin



wgh
13th July 2006, 12:56 AM
When I put MySql on my website (I'm also using phpMyAdmin), what is the best authentication method from a security standpoint? Would it be config or http?

Jman
14th July 2006, 03:26 AM
config is essentially no authentication since it is in the configuration file.

I suggest you read the phpmyadmin documentation. It said:
Http and cookie authentication modes are more secure: the MySQL password does not need to be set in the phpMyAdmin configuration file (except for the "controluser" -see the Configuration section-).
However, keep in mind that the password travels in plain text, unless you are using the https protocol.
In cookie mode, we send the password in a temporary cookie, so most browsers should not store the password in their cookie file.