I would think that the only IP you would want to have access to your DB would be your web server. Unless of course you are planning to allow all kinds of unwanted visitors prowling around in your machine. No password protection on your root user is kinda like advertising for trouble.
-- Allen Rehmann
