Hello. I have been writing a program for half a year and now I am wondering: do I need to create multiple database users? In my program, each employee has his own login and password; they log in and enter the work they have done, several people at the same time. The question is whether to create a separate user for employees, or one for each employee separately, or to let everyone work under one?
2 answers
No, every user working in a company who performs actions in the database should have his own account, because this makes it possible to separate the duties and conditions of access to the database and to control the disconnection of access in case of certain events.
You can track who performs wrong requests or requests that load the database, disable access if a person has left, temporarily stop access during a vacation, and see who is trying to dump your entire database (if there is logging). You can allow some accounts access from a home IP (this happens, but it is very undesirable; access to the database should not be possible from outside the office or data center at all).
Most of the reasons here are related to information security, and it is desirable to observe the separation of accounts. Few companies comply with this rule, and many users work under one account in the office (and that only because access is from the office alone), but it so happens that the database leaks when someone is dismissed, and it is impossible to track who did it at all because of the single account and the lack of correct logging.
As correctly noted by @gecube, everything depends on the tasks, and if you have a program that connects to the database server, then of course you can work through one login. But rest assured that your connection data is hidden from the user, not from a hacker, and with the right methods it can be obtained. Maybe you do not have a team of hackers and no one will do it, but anything can happen.
The correct solution for such tasks is a client-server application that works through a specific API (the API, in turn, works with the database) and executes commands through an authorization system written for the API, with a logging system for the actions performed.
Your application simply misuses the resources of the database: 200 users working with the database are 200 simultaneous connections, whereas on the server you can keep a pool of connections and issue data on demand.
- I have a separate login and password for each employee in the program itself! And the program itself does not allow the user to change or delete entries if he is not supposed to. Employees will not have direct access to the database in any way! If I have 200 employees, then do I need to create 200 users in the database? - Alexander Rublev
- @Alexander Rublev I repeat that it depends on the tasks. Consider this scenario. A particularly clever user hacks your program and reads from it the username and password used to access the database. Then he connects to the database over the network and destroys all its contents. To avoid this, yes, you need to set up a separate account for each user in the database system itself. - gecube
- If the program is two-component (say, the client part communicates with a certain script on the web server, and that script communicates directly with the database), then there is no need to duplicate each user account in the database - gecube
- I have no client part -> DB - Alexander Rublev
- @Alexander Rublev, then you can work under one user, and this is logical, but keep in mind for the future that it is not safe to store the login and password to the database, and with a large number of users and such an architecture you will also have performance problems. - Firepro
Good day!
It all depends on the tasks. The answer from my colleague @Firepro is absolutely correct. But I want to note that there are many ways to divide access rights. Look: if all employees work with the database through ONE program (that is, one entry point), then it is permissible for this program to hold the login and password for accessing the database inside it. Take any modern CMS: it has ONE login and password for the database, while the usernames and passwords of its users are stored in the database. In a CMS, access rights to resources (pages) are also assigned as certain fields in the database. The nuance in this case is that there are no connections to the database from OUTSIDE. That is, you can't simply steal the login and password and perform malicious actions with the database.
Think about something else, too. If you have several projects on the same host, then each of them DEFINITELY needs its own login (login-password pair) in the database. But if each of the projects has users and they overlap, how will you get them?
- Project one! Above, I left a comment! - Alexander Rublev
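The design both answers point to (one database login held only by a server-side tier, with per-employee authentication, permission checks and an action log in front of it), sketched as an added example that is not code from this thread. The table names, the roles and the `WorkLogService` class are assumptions, and an in-memory SQLite database stands in for the real database server.

```python
import hashlib, hmac, os, sqlite3

# Constructed role -> allowed actions map (hypothetical role names).
PERMS = {"clerk": {"add"}, "manager": {"add", "delete"}}

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class WorkLogService:
    """Server-side tier: only this process ever holds the database connection."""
    def __init__(self):
        self.db = sqlite3.connect(":memory:")  # stands in for the real DB server
        self.db.executescript("""
            CREATE TABLE users(login TEXT PRIMARY KEY, salt BLOB, pw BLOB, role TEXT, active INTEGER);
            CREATE TABLE work(id INTEGER PRIMARY KEY, login TEXT, note TEXT);
            CREATE TABLE audit(id INTEGER PRIMARY KEY, login TEXT, action TEXT, ok INTEGER);
        """)

    def add_user(self, login, password, role):
        salt = os.urandom(16)
        self.db.execute("INSERT INTO users VALUES(?,?,?,?,1)", (login, salt, _hash(password, salt), role))

    def disable(self, login):  # dismissal or vacation: flip one row, no shared password to rotate
        self.db.execute("UPDATE users SET active=0 WHERE login=?", (login,))

    def _authorize(self, login, password, action):
        row = self.db.execute("SELECT salt, pw, role, active FROM users WHERE login=?", (login,)).fetchone()
        ok = bool(row and row[3] and hmac.compare_digest(row[1], _hash(password, row[0]))
                  and action in PERMS.get(row[2], set()))
        # Every attempt is logged under the employee's own login, allowed or not.
        self.db.execute("INSERT INTO audit(login, action, ok) VALUES(?,?,?)", (login, action, int(ok)))
        return ok

    def add_work(self, login, password, note):
        if not self._authorize(login, password, "add"):
            return False
        self.db.execute("INSERT INTO work(login, note) VALUES(?,?)", (login, note))
        return True

    def delete_work(self, login, password, work_id):
        if not self._authorize(login, password, "delete"):
            return False
        self.db.execute("DELETE FROM work WHERE id=?", (work_id,))
        return True

    def audit_trail(self):
        return self.db.execute("SELECT login, action, ok FROM audit ORDER BY id").fetchall()
```

The client program sends only the employee's own login, password and request to this tier, so the database credential never ships inside the desktop application.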
