1) Cookie authentication mode
In cookie authentication mode, phpMyAdmin prompts for a MySQL username and password in a HTML form. The entered password is stored and encrypted with the blowfish algorithm in a temporary cookie. Obviously the user must enable cookies in the browser, but this is now a requirement for all authentication modes.
With this mode, the user can truly log out of phpMyAdmin and log in back with the same username. This is also the only way by which one can log in, if an arbitrary server is enabled.
This mode is preferable in a multi-user environment such as Shared hosting.
NOTE: In this mode, having the mcrypt extension will speed up the access in phpMyAdmin.
2) Config authentication mode
Config authentication mode is the most basic authentication mode. This mode requires to store the username and password in phpMyAdmin configuration file.
But this does not password protect phpMyAdmin; anyone who accesses the correct URL is logged directly in and can manipulate your server. Also anyone who can read your config.inc.php file can read your username and password. If you use config, you must place your server behind a firewall or use your webserver’s authentication and/or authorization methods.
This mode is preferable for troubleshooting problems and single-user installations where root or some similar super-user is used for all administrative work.
3) HTTP authentication mode
In HTTP authentication mode, phpMyAdmin prompts for a MySQL username and password via the web browser. The authentication process is performed via HTTP Basic Authentication and the look of the prompt is determined by the web browser.
This mode provides security over the Config authentication mode and allows multiple users to use the same phpMyAdmin installation.
4) Signon authentication mode
In Signon authentication mode, phpMyAdmin is integrated with SSO system. The user must have have already signed on to the SSO system. When access to phpMyAdmin is requested, phpMyAdmin uses the MySQL username and password from existing SSO session to sign in as the corresponding user. This provides a convenient way of using credentials from another application to authenticate to phpMyAdmin.
This mode is preferable in a multi-user environment with Web Hosting Control Panels such as cPanel or PLESK.
5) Swekey authentication mode
The Swekey is a low cost authentication USB key that can be used in web applications. When Swekey authentication is activated, phpMyAdmin requires the user’s Swekey to be plugged before entering the login page.
If you want to purchase a Swekey, it would be a good idea to visit http://phpmyadmin.net/auth_key, as this link provides funding for phpMyAdmin.
NOTE: This is currently supported for Cookie authentication mode only.
You may go back to the following section.