MySQL security: best practices

MySQL uses unencrypted connections between client and server by default. The authentication procedure of MySQL server checks three scopes: client name/IP address, username and password. The server stores privilege information in the grant tables of the MySQL database. The MySQL server reads the contents of these tables into memory when it starts. Access control decisions are based on the in-memory copies of the grant tables. MySQL provides functions to encrypt and decrypt data values. DES functions allow encryption using the Triple-DES algorithm.