Information
The [client] section of the MySQL configuration file allows setting a user and password to be used. Verify the password option is not used in the global configuration file (my.cnf).
Rationale:
Using the password parameter may negatively impact the confidentiality of the user's password.
Impact:
The global configuration is by default readable for all users on the system. This is needed for global defaults (prompt, port, socket, etc.). If a password is present in this file then all users on the system may be able to access it.
Solution
Use the mysql_config_editor to store authentication credentials in .mylogin.cnf in encrypted form.
If not possible, use the user-specific options file, .my.cnf., and restricting file access permissions to the user identity.