How secure is an SQL login using the MYSQL API?
If I get a client app to connect directly to a DB can the password be easily extracted by a 'man in the middle attack' or by the user running the client (wireshark etc..)?
I know best practice would be to have a second server running (so as not to trust the client).
But, overall how secure is it to connect directly?
Thanks in advance :)