Sunday, December 18, 2011

How to configure phpMyAdmin to address Security Issues

This post is based on the instructions found in Murach's PHP and MySQL book, which I am using as a guide in my PHP Journey and I recommend that you do the same. 

The default location of the phpMyAdmin config file is: C:\xampp\phpmyadmin\config.inc.php

  1. Open the config.inc.php file in a text editor.
  2. Search for "$cfg['blowfish_secret'] = 'xampp'".  Replace 'xampp' with a random string of up to 46 characters.  This will be the encryption key.
  3. Search for "$cfg['Servers'][$i]['auth_type']".  Change the value from 'config'  to 'cookie'.
  4. Set the 'user' and 'password' options to empty strings. When you are done, it should look like this:

    $cfg['Servers'][$i]['auth_type']            = 'cookie';
    $cfg['Servers'][$i]['user']                 = '';
    $cfg['Servers'][$i]['password']             = '';
  5. Save your changes.

Now let's check to make sure the changes were made correctly:

  1. Open the XAMPP control panel and start Apache and MySQL.
  2. Click the "Admin" button next to MySQL to open phpMyAdmin.
  3. Log in by specifying "root" as the user.  Leave the password blank, because by default the root user doesn't have a password.
  4. Once you have logged in, you should set a password for the root user.  To do this, click "Change password" under "Actions" and enter a password. You may want to save this password in a password-protected file so that you can retrieve it later if you forget what you set it to.
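
The same settings can also be checked from a script. The following is an added example, not code from the book or from phpMyAdmin: it flags the three weak values changed in config.inc.php above and generates a replacement secret within the 46-character limit. The function names and the two sample arrays are constructed for illustration.

```php
<?php
// Added example: audits phpMyAdmin settings for the weaknesses this post fixes.
// Function names and the sample arrays below are constructed for illustration.

function audit_pma_config(array $cfg): array
{
    $findings = [];
    $secret = $cfg['blowfish_secret'] ?? '';
    if ($secret === '' || $secret === 'xampp') {
        $findings[] = "blowfish_secret is empty or still the XAMPP default";
    } elseif (strlen($secret) > 46) {
        $findings[] = "blowfish_secret is longer than the 46 characters the post allows";
    }
    foreach ($cfg['Servers'] ?? [] as $i => $server) {
        if (($server['auth_type'] ?? '') === 'config') {
            $findings[] = "server $i: auth_type is 'config', so no login is required";
        }
        if (($server['user'] ?? '') !== '' || ($server['password'] ?? '') !== '') {
            $findings[] = "server $i: user/password are stored in the config file";
        }
    }
    return $findings;
}

// Generates a replacement secret: 23 random bytes written as 46 hex characters.
function new_blowfish_secret(): string
{
    return bin2hex(random_bytes(23));
}

// Loads $cfg from a real config.inc.php (the file is plain PHP assignments).
function load_pma_config(string $path): array
{
    $cfg = [];
    include $path;
    return $cfg;
}

// Constructed sample: the settings before and after the steps in this post.
$before = ['blowfish_secret' => 'xampp',
           'Servers' => [1 => ['auth_type' => 'config', 'user' => 'root', 'password' => '']]];
$after  = ['blowfish_secret' => new_blowfish_secret(),
           'Servers' => [1 => ['auth_type' => 'cookie', 'user' => '', 'password' => '']]];

foreach (['before' => $before, 'after' => $after] as $label => $cfg) {
    $findings = audit_pma_config($cfg);
    echo "$label: ", $findings ? implode("; ", $findings) : "no findings", PHP_EOL;
}
```

To audit your own installation, pass `load_pma_config('C:\xampp\phpmyadmin\config.inc.php')` to `audit_pma_config()` in place of the sample arrays.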

Now you have successfully configured phpMyAdmin.
