Quick question about database password

  • Quick question.

    How secure is the password specified in wp-config.php? Can anyone read that file somehow?

    I’m just wondering whether to use my standard password or think of something unique for this purpose.

    Cheers
    Jeff

Viewing 4 replies - 1 through 4 (of 4 total)

  • Nobody can read your wp-config.php file – that’s what the gurus say. Try on your install: it will be a blank page with blank source code.

    If you have a DB user for your database that MUST already have a password. (I don’t know what standard pw is…)

    Make up a completely random string of letters and numbers and use that. You won’t really ever be using this database password yourself so make it very difficult to guess.

    No, never use an existing password.

    Download KeePass for free and keep all your passwords in an encrypted file on your desktop (and backup).

    Thread Starter jeffhannan

    (@jeffhannan)

    Hi,

    Thanks for the information.

    So, I think I will create a new password just for this purpose – given that it is not one that I will have to enter manually each time. I just enter it once in my site control panel, and once in the wp-config.php file.

    And even if someone manages to read it, it won’t give them access to any other accounts.

    Cheers
    Jeff

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Quick question about database password’ is closed to new replies.