By default, a MySQL installation is insecure. MySQL comes with a “root” user with a blank password, and an “anonymous” user, for testing purposes. To protect your data we strongly recommend you set a password for the “root” user and remove anonymous-user accounts.

MySQL ships with a script that guides you through these steps. Run the script as follows:

$ mysql_secure_installation

The script will ask you which changes it should make.

You can find more information about MySQL security in the MySQL documentation.