How secure is authentication in mysql protocol?

后端 未结 2 879
野趣味
野趣味 2021-02-15 09:49

My users are using MS Access and ODBC connector to connect to my remote MySQL database. I wonder how secure this is, in the sense of possible password disclosure to 3rd party. I

2条回答
  •  清歌不尽
    2021-02-15 10:21

    Short answer: Yes, the protocol is safe from Eavesdropping and MITM attacks.

    Only if the attacker manages to sniff an authentication attempt AND if the attacker knows the contents of mysql.user, then he can subsequently authenticate against the server. For example if you're using the same password on two different mysql servers and the attacker gains access to one of them, he can also connect to the second server.

提交回复
热议问题