mysql_history and passwords


To provide the up/down arrow command history, the mysql program stores everything you type in the file .mysql_history in your home directory. For most commands this is fine, but what about GRANT statements?

If you regularly use GRANT or UPDATE statements to add or modify users and passwords, then anyone with read access to the file .mysql_history can see the usernames and passwords required to gain access to your database.

To avoid such security traps, use your favourite text editor to delete the offending lines from the file ~/.mysql_history. Do this each time you issue a GRANT or UPDATE statement containing a password and your site will be much more secure.
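The cleanup described above can also be scripted. The following is an added example, not part of the original post: the function names, the keyword pattern and the sample history lines are constructed for illustration, and the script additionally restricts the file to owner-only access to address the "anyone with read access" problem.

```shell
#!/bin/sh
# Added example: strip password-bearing statements from a mysql history file.
# The pattern is an assumption: it is case-insensitive and deliberately broad
# (any line mentioning "password" is dropped). The ".*" also matches the
# "\040" space encoding that libedit-based mysql clients write.
SECRET_PATTERN='identified.*by|password'

# scrub_mysql_history FILE -> prints the number of lines removed
scrub_mysql_history() {
    hist=$1
    [ -f "$hist" ] || { echo 0; return 0; }
    # Temp file in the same directory so the final mv is a rename
    tmp=$(mktemp "${hist}.XXXXXX") || return 1
    chmod 600 "$tmp"
    # grep exits 1 when every line is filtered out; that is not an error here
    grep -Eiv "$SECRET_PATTERN" "$hist" > "$tmp" || [ $? -eq 1 ] \
        || { rm -f "$tmp"; return 1; }
    before=$(wc -l < "$hist")
    after=$(wc -l < "$tmp")
    mv "$tmp" "$hist"
    chmod 600 "$hist"   # owner read/write only
    echo $((before - after))
}

# make_sample FILE -> writes a constructed history file for trying the function
make_sample() {
    cat > "$1" <<'EOF'
_HiStOrY_V2_
SELECT\040COUNT(*)\040FROM\040orders;
GRANT\040ALL\040ON\040shop.*\040TO\040'app'@'localhost'\040IDENTIFIED\040BY\040's3cret';
show databases;
UPDATE mysql.user SET Password=PASSWORD('s3cret') WHERE User='app';
set password for 'app'@'localhost' = password('s3cret');
EOF
}

# Usage: scrub_mysql_history "$HOME/.mysql_history"
```

Run it after any session in which you typed a statement containing a password; the printed number is how many history lines were dropped.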
