Creating a password
To create a password, head to your database overview page at
https://app.planetscale.com/<ORGANIZATION>/<DATABASE_NAME>and click on the "Connect" button.
On this dialog, click the
New passwordbutton. This will generate a unique username & password pair that can only be used to only access the
mainbranch of your database. Take note of this password, as you won't be able to see it again.
Once created, you can browse the connection string in different framework formats by selecting the framework in the "Connect with" dropdown. This will also show you all of the files you need to modify to get connected with PlanetScale in your framework or language of choice.
Once you've created the password, you can head over to the "Passwords" settings page available at
Organization > Database > Settings > Passwords to manage them.
mainon this page.
Clicking on the
... icon on the row for your password allows you to pull up the connection string (except the password), rename it, or delete it.
Renaming a password
Since the username & password pair is unique, the only metadata you can edit is the
display name of the password.
Deleting a password
Deleting a password will invalidate the username & password pair and disconnect any active clients using this password.
Native MySQL authentication support
Use the tools you're familiar with to connect to PlanetScale databases. PlanetScale supports both MySQL native authentication, which is widely used to provide a secure connection to MySQL servers, and MySQL Caching SHA-2 authentication, which is the most secure authentication mechanism to connect to MySQL. Based on your application needs and platform support, you can switch between the authentication modes, with the same password.
For a list of tested MySQL GUI clients, review our article on how to connect MySQL GUI applications.
Strong security model
PlanetScale Passwords are created for use with a single database branch. This strong security model allows you to generate passwords that are tied to a branch, and cannot access data/schema from another branch.
Disconnect clients by deleting passwords
PlanetScale automatically disconnects clients that are using a deleted password. Head on over to the
Organization > Database > Settings > Passwords page on your database branch to delete passwords for that branch. It may take up to five minutes for all active clients to be disconnected.
No plain text password storage
PlanetScale only stores hashes and metadata about your database passwords. To add an extra layer of security to your database, we do not store any passwords in plain text.
GitHub Secret Scanning integration
All passwords and service tokens generated for use with PlanetScale databases are part of GitHub's Secret Scanning program. If any database passwords or service tokens are committed in plain text to any public GitHub repository, we will be notified and take corrective action to delete the access tokens and cut off their access.