2.4 Do Not Reuse Usernames

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Database user accounts should not be reused for multiple applications or users.


Utilizing unique database accounts across applications will reduce the impact of a compromised MySQL account. If a user is reused, then a compromise of this user will compromise multiple parts of the system and/or application.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.


Add/Remove users so that each user is only used for one specific purpose.

See Also