PhpMyAdmin is a really great tool.
It's also a really great tool with a history of exceptionally serious security issues.<p>If you run PhpMyAdmin on an Internet-accessible server please please please add some security above and beyond what the application provides.<p>1) Use web-server based IP-address based restrictions to allow/deny connections only from trusted hosts.<p>2) Please run it over HTTPS, as it passes mysql passwords around plaintext when you use cookie or www-auth authentication.<p>3) Use an additional .htaccess in front of PhpMyAdmin's basic www-auth.<p>4) Do not host it at /phpmyadmin in your docroot.<p>5) Maybe consider running it only on a virtualhost listening on a different port.