Connecting to the server
mysql -h localhost -u root
The commands below asume the existance of the default databases. If this is not true take a look at securing a default MySQL installation.
Selecting a specific MySQL database
use database # example
use mysql;
Listing tables in the selected database
show tables;
Viewing the structure of a specific table
describe table;
Retrieving some data
We’re interested to see if the root accounts (there are usually more than one, one for each possible host like 127.0.0.1, localhost, actual hostname) have set passwords.
mysql> select Host,User,Password from user;
We can see above that none of the defined account has a set password. This is a serious security hazard.
Setting passwords
set password for root@localhost = password (‘your_password’);
As you can see the password is stored encrypted into the database.
Deleting rows (data entries)
We’re especially interested to delete the root mysql users that don’t have a set password.
delete from user where User = ‘root’ and Password = ”;
Creating a MySQL root account
grant all privileges on mysql.* to admin@localhost identified by ‘light’;
After an user modification you should flush user privileges
flush privileges;
After setting the mysql root password you will no longer be able to login to root without supplying the root password.
More (official) reference on MySQL users.