PMA is not the problem. I know the old UI was creating an user too, but we had an option to choose our chosen username and password. In the new UI, there is no option for doing that when creating a db. Need to do extra step to create a new user and assign permission.old UI were creating an user account with database automatically as well. This user account (that matches DB name) is expected to be used when accessing the DB. Using main DA account and credentials was not a good practice which we are trying to discourage.
I would start with extra safety. When dbname=dbusername that is already too easy. I don't see the need for automatic creation.It would be great if you could share some insight why would you want different DB user names or manually controlled passwords.
usually I have each website in separate account, easier to backup/restore also when hacked due to bad plugins -only one website affected. For DBs - different usernames/dbnames also I always add extra symbols to DB password generated by DA.@Zhenyapan what strategy do you use to derive the DB username from the database name to make sure they are unique and does not clash? Or do you use single username/password for multiple DB access?
Each DB uses different password. Leaking password of one DB does not compromise other DBs. Usernames are not part of the password, and should not be considered to contribute to the security of the system.Also if somebody hacked 1 database, they are all hacked when having same username and pass.
it's low secure.
This is exactly what the DB system does by default. It creates a new user account for each DB for exactly this reason. The DB name and user name are the same to make it easier to work with. Using different user names does not make the system more secure - unless same password is being used, which we are trying to prevent by auto-generating password by default.usually I have each website in separate account, easier to backup/restore also when hacked due to bad plugins -only one website affected.
It does. I don't know how it is now, but in the old days, with cPanel, when creating an account, the default name was first 8 characters of the domain. I really hated it. And nowadays, dictionary attacks happen all the time. It seems much more easier to run scripts with that purpose. So, using different names for user and db, it helps to make the system more secure. Thanks for explanation about password generator, its purpose is making a hard-enough password for avoiding guessing / dictionary attacks, is that correct?Using different user names does not make the system more secure
It seems you are trying to use DB username for the purpose of what password is supposed to do.So, using different names for user and db, it helps to make the system more secure.
Well... let's not assume what each other is trying to do Assumption can lead to many misunderstandings and we will need to write back and forth. My idea is just to make more secure system, and my feeling is that the old way is better than the new one. You have done an extra step with password generator, but if you can bring the old way with username, it would be great. Thank you.It seems you are trying to use DB username for the purpose of what password is supposed to do.
In DA the main account is admin and there are lots of users changing the admin name to another name. Less bruteforces, no matter what the password is. Even with root, there are several options that users can not try to login as root, for this reason. Like disable root login, use ssh keys and such things.Would you rather rename your `root` account or use strong password for it?
n
parameter does nothing, and it stopped working once da build php
command was updated to accept optional PHP version.Because there is no Europe/Amsterdam timezone
Or is this issue with my distro?
timedatectl
timedatectl set-timezone Europe/Amsterdam