When creating a database-driven windows application it is very important to create a database user with specific privileges.
The reason for granting specific privileges to the user account is to assure that if your application falls a victim of disaster/hack, the data is safe and secure.
When you have created a database, create a user that will have access to it. Once you have that created, specify the grants which enable that user to Select, Insert, Update, Delete and etc specific to the database table.
In our example we are going to assume we have a database called “db_Sales” which has 3 tables:
1). Address
2). Orders
3). Deliveries
We have database user as “User” and password as “Password”
GRANT ALL PRIVILEGES ON db_Sales.Address TO 'User'@'%';
GRANT SELECT,INSERT, DELETE ON db_Sales.Orders TO 'User'@'%';
GRANT SELECT,INSERT ON db_Sales.Deliveries TO 'User'@'%';
The code above means that the user will be able to do everything from selecting to deleting a record in the Address table. However, the user will only be allowed to Select, Insert and Delete records on Orders and on Deliveries table, the user can only Select and Insert records. All other commands will be denied keeping the database safe from getting misused.