Details
The use of the password parameter may negatively impact the confidentiality of the user’s password.
Solution
Use the mysql_config_editor to store authtentication credentials in .mylogin.cnf in encrypted form. If not possible, use the user-specific options file, .my.cnf., and restricting file access permissions to the user identity. Impact: The global configuration is by default readable for all users on the system. This is needed for global defaults (prompt, port, socket, etc). If a password is present in this file then all users on the system may be able to access it.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Unix.