Lenz Grimmer recently wrote two blogs about password security on MySQL. Both are worth reading in detail. You’ll find them in Basic MySQL Security: Providing passwords on the command line and More on MySQL password security.
Although I wrote a comment on the latter one, there is one point I thought was worth its own blog.
GRANT … IDENTIFIED BY PASSWORD…
You can work around having to specify the password in the open following these steps:
- Use a local or non-public instance (for example using MySQL
Sandbox) to define the user / password combination you need:
CREATE USER 'name'@'host' IDENTIFIED BY 'secret';