# PHPMYADMIN security issues



## Twenty (Apr 1, 2006)

Is there a way to make a login for PHPMYADMIN because i let my server run anyone can just go to http://www.sitename.com/phpmyadmin/ and make their own acount and i also dont know how to change the username for it.


----------



## Chroder (Oct 18, 2004)

Find the config.inc.php file and change the line:

```
$cfg['Servers'][$i]['auth_type']     = 'config';
```
To

```
$cfg['Servers'][$i]['auth_type']     = '[B][COLOR="Red"]http[/COLOR][/B]';
```
This will require you to enter the database login details to use PMA.


----------



## Twenty (Apr 1, 2006)

Ok thank you that worked! But how do i edit it because under the same settings files i tryed to change it from root but it wont accept what anything else.


----------



## Twenty (Apr 1, 2006)

So how would i change my username and password?


----------



## Chroder (Oct 18, 2004)

You'll want to create a new user. If this is on localhost, you can run a CREATE USER query (just log in with root first to run this query). Note that you also have to GRANT users permission on each new database you have.

DevArticles has a good walkthrough on how to do this.

If you are using a hosting solution, usually the only way to create new users is by using the control panel (ie. cPanel) unless you actually manage your own server.


----------



## dizzle_deasy (Jul 28, 2006)

Twenty said:


> So how would i change my username and password?


You can also use phpMyAdmin to create a new user if the server is logged in as root. PMA has a very easy GUI for creating users. From the home screen of PMA you click on "Privileges". Now you should have a screen that has "Add a new User" you can click on this to create a user. Then you can give the user global privleges or select a database to give the user privileges. This should be pretty easy to understand once you see it.


----------

