Vicon posted
Hello, good morning, I have a big question, although I know it is a basic one. When the server requires HeidiSQL to manage and has no password, for example, someone logs in with the user "root" and leaves the password field empty, using localhost, is this dangerous? Can someone connect through another HeidiSQL by pointing to the IP, or is there any way for someone to connect to HeidiSQL and access this database just by the IP because it has no password? It is the user root and the password field is empty?
A BIG NEWBIE QUESTION
ansgar posted
3 months ago
Yes, an empty password is insecure. Do not create users without a password.
The server may be secured by other ways, for instance a firewall, or without network access, to make it safer. But it's always a good practice to use passwords.
JAB Creations posted
3 months ago
Please create threads with useful titles. In example: "Is an empty password for localhost insecure?" as people searching for the same answer may come across your thread.
Please login to leave a reply, or register at first.
Database powered by MariaDB
HeidiSQL is proudly built with Embarcadero Delphi
