How MySQL prevents unauthorized clients from accessing the database system?

MySQL implements a sophisticated access control and privilege system that allows us to create comprehensive access rules for handling client operations and effectively preventing unauthorized clients from accessing the database system.

The MySQL access control has two stages when a client connects to the server −

Connection verification

 A client, which connects to the MySQL database server, needs to have a valid username and password. In addition, the host from that the client connects needs to match with the host within the MySQL grant table.

Request verification

once a connection is established successfully, for each statement issued by the client, MySQL checks whether the client has sufficient privileges to execute that particular statement. MySQL has the flexibility to check a privilege at the database, table, and field levels.