How can I make phpMyAdmin avoid sending MySQL passwords in the clear?
Although phpMyAdmin is an excellent tool for administering MySQL databases, you don’t want to expose your MySQL usernames and passwords to sniffing over the wire by sending them “in the clear.”
The solution, if you are running https, is to simple edit the config.inc.php file like this. The default is FALSE.
$cfg[‘ForceSSL’] = TRUE; // whether to force using https