• +91 9723535972
  • info@interviewmaterial.com

My SQL Interview Questions and Answers

Related Subjects

MS SQL Interview Questions and Answers  |  Oracle Interview Questions and Answers  |  Tera Data Interview Questions and Answers  |  MongoDB Interview Questions and Answers  |  Neo4J Interview Questions and Answers  |  Cosmos DB Interview Questions and Answers  |  Data Warehouse Interview Questions and Answers  |  DBMS Interview Questions and Answers
Question - Keeping Your Password Secure ?

Answer - It is inadvisable to specify your password in a way that exposes it to discovery by other users. The methods you can use to specify your password when you run client programs are listed below, along with an assessment of the risks of each method: Never give a normal user access to the mysql.user table. Knowing the encrypted password for a user makes it possible to login as this user. The passwords are only scrambled so that one shouldn't be able to see the real password you used (if you happen to use a similar password with your other applications). Use a -pyour_pass or --password=your_pass option on the command line. This is convenient but insecure, because your password becomes visible to system status programs (such as ps) that may be invoked by other users to display command lines. (MySQL clients typically overwrite the command-line argument with zeroes during their initialization sequence, but there is still a brief interval during which the value is visible.) Use a -p or --password option (with no your_pass value specified). In this case, the client program solicits the password from the terminal: shell> mysql -u user_name -p Enter password: ******** The `*' characters represent your password. It is more secure to enter your password this way than to specify it on the command line because it is not visible to other users. However, this method of entering a password is suitable only for programs that you run interactively. If you want to invoke a client from a script that runs non-interactively, there is no opportunity to enter the password from the terminal. On some systems, you may even find that the first line of your script is read and interpreted (incorrectly) as your password! Store your password in a configuration file. For example, you can list your password in the [client] section of the `.my.cnf' file in your home directory: [client] password=your_pass If you store your password in `.my.cnf', the file should not be group or world readable or writable. Make sure the file's access mode is 400 or 600. You can store your password in the MYSQL_PWD environment variable, but this method must be considered extremely insecure and should not be used. Some versions of ps include an option to display the environment of running processes; your password will be in plain sight for all to see if you set

Comment(S)

Show all Coment

Leave a Comment

 | 

NCERT Solutions

 

Share your email for latest updates

Name:
Email:

Latest News

10000+ interview questions in different categories

Freshers and experienced

Testimonial

NCERT Questions Answers

We are group of professionals with the same objective for helping school students who are struggling in NCERT Questions Answers. We are just sharing our knowledge for the students and helping them by providing Questions Answers.

Halpura.com

At Halpura we are reimagining the actual potentials of quality information resources reaching people across the globe to make an everlasting impact.

Our partners