Guides & references
Practical guides on database security, read-only user setup, and what to check before connecting your database to any external tool.
Database Setup
How to configure your database for safe, least-privilege access.
How to create a read-only user in MySQL
Step-by-step guide to creating a MySQL user with SELECT-only permissions. Covers database-level and table-level grants, and differences between MySQL 5.7 and 8.0.
How to create a read-only user in PostgreSQL
Step-by-step guide to creating a PostgreSQL user with SELECT-only permissions. Covers schema-level grants, default privileges, and how to scope access to specific tables.
Why you should never connect external tools with your root database user
The principle of least privilege applied to database access. What happens when root credentials are compromised, and why the blast radius matters more than the probability.
How to audit query history in PostgreSQL
How to track what queries have been run against your PostgreSQL database, by whom, and when. Covers pg_stat_statements, log_statement, and the pgaudit extension.
How to restrict a database user to specific tables
Grant SELECT access on individual tables instead of all tables. Use this to hide sensitive data like payments or PII while still enabling analytics on the tables that matter.
Security
Understand the security properties of the tools and protocols you use.
What is AES encryption and how secure is it
A practical explanation of AES-256 encryption — what it is, what it protects against, and what it doesn't. How ByeSQL uses it to protect your database credentials.
What is SQL injection and why it matters for tools that generate SQL
A practical explanation of SQL injection attacks, how parameterized queries prevent them, and what to evaluate when using a tool that generates SQL from natural language.
What your database schema reveals and how to protect it
Table names, column names, relationships, and data types reveal more than most teams realise. What an attacker can infer from schema alone, and practical steps to limit exposure.
Best Practices
Checklists and frameworks for connecting external tools responsibly.
Read-only database user vs BI tool permissions: what's the difference
The two layers of access control when connecting a database tool: OS/DB-level user permissions and application-level enforcement. Why having both matters.
What to check before connecting your production database to any external tool
A practical checklist for evaluating any tool that wants access to your database. Read-only enforcement, credential storage, schema handling, audit logs, and breach scenarios.
How to connect your database securely — a step-by-step guide
A practical walkthrough for connecting your production database to an external tool with minimal risk. Covers user setup, permission scoping, network restrictions, logging, and revocation planning.