Most users concentrate on MySQL's databases and tables — after all, that's where most of the action takes place — and they don't usually look deeper to understand how it handles access privileges, passwords, and security. This approach is usually more than adequate for most development activities — unless you happen to be a database administrator whose job involves setting up and securing the databases against unauthorized usage or malicious mischief.
With that in mind, this chapter examines the MySQL access control system and throws some light on the MySQL grant tables. These tables, which are an integral part of the server's security system, offer database administrators a great deal of power and flexibility in deciding the rules that govern access to the system. Additionally, this chapter also discusses the management of user accounts and passwords in the MySQL access control system, explaining how passwords (especially the all-important root password) can be modified and how to reset a lost superuser password.