Bug #61919 Security to prevent unauthorized user to get information from application
Submitted: 20 Jul 2011 0:03 Modified: 20 Jul 2011 1:59
Reporter: Gaël Stébenne
Status: Not a Bug
Category: MySQL Workbench Severity: S4 (Feature request)
Version: 5.2.34 CE OS: Any
Assigned to: CPU Architecture: Any
Tags: IN, MySQL, Security, workbench

[20 Jul 2011 0:03] Gaël Stébenne
Description:
Hi,

I've seen that an unauthorized user having access to the MySQL Workbench application can access and get private information (like a highly private server address, the username of the server or other information), modify it without protection and connect to the database without entering a password (if the password is stored in the vault). We can protect this information from being seen and modified by having the possibility of placing a password to access the server information, to connect to the database server (if the server password is stored in the vault) or even to access MySQL Workbench at launch.

For me, and probably many users, it will be a good security enhancement to MySQL Workbench.

Thanks.

Gael

How to repeat:
MySQL Workbench can have a security password to protect it from being used by an unauthorized user to get information or even modify any data (MySQL database included) with the application.

Suggested fix:
Add password security to MySQL Workbench at launch, to access server information (and modify it) and to connect to the database server (if the password is stored in the vault).

[20 Jul 2011 1:04] Alfredo Kojima
Access to private information added to Workbench should be controlled using user accounts and other access control mechanisms provided by the Operating System. The password vault is encrypted by the system and is restricted to the owning user's account.

[20 Jul 2011 1:59] Gaël Stébenne
I know that the password for the server is encrypted, but I would like to prevent the application from being used without permission when I am not logged out. There is also some information (like my server address) that I want to keep private. If adding a password to the application is really not needed, I will try to find a way to prevent the app from being opened without a password with an application of my own.