Due to differing needs and requirements this is difficult to answer except on a case by case basis. The MySQL website has a section regarding general security of a MySQL database available here: http://dev.mysql.com/doc/refman/5.0/en/security.html
-Additionally some good practices are:
-Verify your root MySQL account password is set.
-Make sure that each account has a password set.
-Do not grant global privileges unnecessarily.
-Avoid using wildcards in the hostname value associated with accounts.
-Periodically review users and databases that are setup in MySQL.
-Do not use passwords on the command line. From the command line you can login to MySQL using "shell> mysql –u root –password=somepassword mysql" the problem with this is anyone on the server could view your password with a simple process list command "shell> ps". The correct usage would be: "shell> mysql –u root –p mysql", from this MySQL will prompt your for your password and it will not show up in the process list as plain text.
