
I really hate the idea of having a web interface to my database anywhere, no matter how secure they say it is. Social engineering (over direct "hacking") lends itself to circumventing technical security.

No matter their technical security (Although I'm super happy they test phpmyadmin!), I still wouldn't trust it on my servers.

Granted, you can lock phpmyadmin down via IP restriction, VPN, etc. - that's definitely good, but, if you can forgive a bit of generalization, those measures tend to be above people's heads or too restrictive for those using phpmyadmin.

If we do connect to a database using a GUI (usually an app instead of phpmyadmin), however, my preference is through an SSH tunnel. This lets us connect securely (over SSH), and still allows MySQL to not be globally accessible from the outside world - meaning, you can still use MySQL's built-in network security features (bind-address and username hosts, along with firewall restrictions) to lock down MySQL.
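The setup this comment describes, as an added example that is not part of the thread: a small POSIX sh helper that builds the SSH local-forward command for a GUI client and checks a my.cnf fragment to confirm MySQL is bound to loopback only. The user name, host name and local port are assumed placeholder values, and the two config fragments are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the thread). Two helpers:
#   tunnel_cmd        builds the ssh command that forwards a local port to
#                     MySQL listening on the server's loopback interface
#   bind_is_loopback  checks a my.cnf fragment (on stdin) for a bind-address
#                     that keeps MySQL off public interfaces

# Print the ssh local-forward command. The GUI client then connects to
# 127.0.0.1:LOCAL_PORT on the workstation; on the server the forwarded
# connection arrives from 127.0.0.1, so MySQL never has to listen on a
# public address and user grants can stay restricted to 'localhost'.
# Arguments: ssh_user ssh_host local_port
tunnel_cmd() {
  printf 'ssh -N -L %s:127.0.0.1:3306 %s@%s\n' "$3" "$1" "$2"
}

# Return 0 if the first bind-address in the fragment on stdin is a loopback
# address, 1 otherwise. A missing bind-address also returns 1: on older MySQL
# releases the default is to listen on all interfaces, which defeats the
# point of the tunnel.
bind_is_loopback() {
  addr=$(sed -n 's/^[[:space:]]*bind-address[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*/\1/p' | head -n 1)
  case "$addr" in
    127.0.0.1|localhost|::1) return 0 ;;
    *) return 1 ;;
  esac
}

# Constructed sample fragments: one safe, one listening on every interface.
GOOD_CNF='[mysqld]
bind-address = 127.0.0.1
'
BAD_CNF='[mysqld]
bind-address = 0.0.0.0   # exposed to the network
'

# Demo with placeholder user/host/port (assumed values, not real systems).
tunnel_cmd deploy db.example.com 3307
if printf '%s' "$GOOD_CNF" | bind_is_loopback; then
  echo "good config: MySQL bound to loopback"
fi
if ! printf '%s' "$BAD_CNF" | bind_is_loopback; then
  echo "bad config: MySQL listening on all interfaces"
fi
```

Pair the loopback bind with a firewall rule that drops inbound 3306 and with user accounts created as `'user'@'localhost'` rather than `'user'@'%'`; the tunnel then satisfies all three checks at once, while phpmyadmin would need each of them re-implemented at the web layer.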



> I really hate the idea of having a web interface to my database anywhere,

Aren't those called "applications"? And yes, I hate them too.


Why do you presume that the web app has to be run publicly? You can easily limit access to the web app by IP, or you can put it on a private network that you will access through a VPN. That would make it more secure than most web services that we trust regularly, like Gmail or PayPal...


If you're going to do this, go the VPN route.


For a prospective hacker, I don't think there's much of a (functional) difference between a graphical interface or a shell.


The attack surface for a web application like phpmyadmin is the entire codebase of that application. The attack surface for mysql over an ssh tunnel is basically only the sshd daemon and its authentication configuration.

I think most people would agree which one exposes a greater likelihood of being hacked. Of course you can secure a phpmyadmin installation against even being accessed by attackers (I've done this in the past myself), but there is still a chance of such security measures being accidentally botched compared to the sshd configuration.

I don't feel strongly either way, if you are confident that your security measures on a phpmyadmin installation are solid. I for one, security audit or not, would never expose a phpmyadmin installation on a publicly accessible URL.


I think he is talking about unnecessary additional attack vectors, not about functionality.

