I have a question about database security. I'm building an application that will have about 100 "admin_users". Each of the 100 users will be tied to a database; my scripts then interact with each of the databases, depending on the admin_user, and retrieve information specific to them. I thought that it would be a good measure of security to set up 2 different username/passwords for each of the databases (one for reading the database and one for writing to the database). Further, I have my database config file outside of my web root, and away from prying eyes. By having a different password for each database, I thought that if one database got "compromised", none of the others would be affected.

On the other hand, since my config file is outside of the web root, is it not true that the ONLY way to get this info would be by gaining access to that file? And, if this is the case, it would seem that I'm only "thinking" that it's more secure by creating 100 different passwords; if they gain access to my config file, then they have access to everything.

So, should I just keep things simple with one username/password for reading and one for writing or are the 100 versions of this worth it?

Thank you,