Database Security and Encryption
As a brief conclusion to this chapter, I should mention a few of the security issues to consider when using and administering your databases. Then I will demonstrate a few more MySQL functions that can be used to encrypt and decrypt data.
If you have administrative-level control over your database, you should keep in mind the following:
Do not allow anonymous users to connect to MySQL.
Always require a password to connect to MySQL.
Require users to also specify a hostname. This limits from what computers users can and cannot access MySQL (although this requirement can be tedious).
Assign each user the absolute minimum required privileges.
Limit the root user to localhost access only.
Delete the ...