Database Authentication

Access the database with minimal privilege

If your Go web application only needs to read data and doesn't need to write information, create a database user whose permissions are read-only. Always adjust the database user according to your web applications needs.

Use a strong password

When creating your database access, choose a strong password. You can use password managers to generate a strong password or use online web applications that do the same for you - Strong Password Generator.

Remove default admin passwords

Most DBS have default accounts and most of them have no passwords on their highest privilege user.

MariaDB, MongoDB - root/no password

Which means that if there is no password, the attacker could gain access to everything.

Also, don't forget to remove your credentials and/or private key(s) if you're going to post your code on a publicly accessible repository in Github.

results matching ""

    No results matching ""