When connecting to a MySql server with DBI->connect: $dsn = "dbi:mysql:$database:localhost:3306"; $dbh = DBI->connect($dsn, $username, $password)
is the password sent in the clear? If so, how can this be dealt with? I actually don't care about hiding the plaintext password in the perl source file or encrypting the connection with the database, I just don't want the world to see my password when it goes out over the network. Is that so much to ask for? I would think this would be an obvious issue but as far as I can tell, nobody has ever asked this question before in the history of the internet. Apparently a direct command line connection to a MySql server will not send the password in the clear: mysql -u andrew732 -p -h 123.456.789.876 but even that took me several hours of googling to figure out. I'm not new to Perl but I'm new to databases; is there a good reason that nobody seems to care about password security when it comes to databases? I would love to be enlightened! Thanks~
