Is MySQL password secure?

How secure is MySQL?

MySQL provides robust data security to protect data including secure connections, authentication services, fine-grained authorization and controls, and data encryption. This presentation covers: MySQL Authentication and Password Policies.

How MySQL password is encrypted?

MySQL server uses the PASSWORD function to encrypt MySQL passwords for storage in the Password column of the user grant table. The value returned by the PASSWORD function is a hashed string, or NULL if the argument was NULL. The PASSWORD function accepts one parameter which is the string to be encrypted.

Is it safe to store passwords in database?

Storing plain text passwords in the database is a sin. Encryption functions provide one-one mapping between input and output and they are always reversible. If the hacker gets the key, he will be able to decrypt the passwords. The better way would be to use a one way cryptographic hash function.

Are MySQL connections encrypted?

MySQL supports encrypted connections between clients and the server using the TLS (Transport Layer Security) protocol. TLS is sometimes referred to as SSL (Secure Sockets Layer) but MySQL does not actually use the SSL protocol for encrypted connections because its encryption is weak (see Section 6.3.