At 7:53 -0800 3/3/03, Nicole Lallande wrote:
>I have been working with a software provider whose software db
>configuration uses the default mysql installation (ie, root, no
>password). They contend that since the mysql server itself is not
>shared (ie, installed on a vps for a single user) that there is no
>need to add a password. Are they correct? All the documentation I
>have every read recommends at the very least immediately adding a
>password. Please advise.
No. They're incorrect.
Running as root is an invitation for trouble.
Running without a password is an invitation for trouble.