From fc177ef00569aa58d5bdc796f1513189d09799fa Mon Sep 17 00:00:00 2001 From: Marc Delisle Date: Wed, 12 Dec 2001 22:14:04 +0000 Subject: [PATCH] *** empty log message *** --- Documentation.html | 27 +++++++++------------------ 1 file changed, 9 insertions(+), 18 deletions(-) diff --git a/Documentation.html b/Documentation.html index a79fb1290..3eb262da9 100755 --- a/Documentation.html +++ b/Documentation.html @@ -146,7 +146,7 @@

Introduction

- phpMyAdmin can administer a whole MySQL-server (needs a super-user) + phpMyAdmin can manager a whole MySQL-server (needs a super-user) but also a single database. To accomplish the latter you'll need a properly set up MySQL-user who can read/write only the desired database. It's up to you to look up the appropiate part in the @@ -423,7 +423,7 @@

  • Cookie authentication mode ($auth_type = 'cookie') as introduced in - 2.2.4 allows you to log in as any valid MySQL user with the + 2.2.3 allows you to log in as any valid MySQL user with the help of... cookies. Log name and password are stored in cookies during the session and password are deleted when it ends. @@ -438,25 +438,16 @@

    • - Using http or cookies authentication modes are recommended: - + Http or cookie authentication modes are recommended in a multi-user + environment where you want to give users access to their own database + and don't want them to play around with others. +

    - http or cookies authentications are secure as the MySQL passwords does + http or cookie authentication modes are secure: the MySQL passwords does not need to be set in the phpMyAdmin configuration file. (except for the "standard user" -see above-).
    - If security is your main concern, always prefer the http authentication - mode. + In cookie mode, we send the password in a temporary cookie, so most + browsers should not store the password in their cookie file.

    Please see the install section on "Using http authentication"