“.. encrypt any passwords that are stored locally. I know that the tool currently can't do that”. Well – we 'obfuscate' the password in sqlyog.ini (but not in SJA jobfiles currently). User will not be able to see the password in plain text.
” .. so that users don't have the option to store their passwords” .. well users can store any password locally but if they do not have UPDATE privilege to the mysql.user table on the server they cannot change their password – and will not be able to connect if they do stroe locally. It is the server admin that should take care of this. I believe you do not really understand the MySQL privilege system like described here: http://dev.mysql.com/doc/refman/5.1/en/privilege-system.html
Passwords are server settings – not client setting. GRANT privileges for users to what databases they need – and not the 'mysql' database. And even if you GRANT SELECT privilege for users (what is required in few situations) to mysql.users table it will still be hashed and not visible in plain text.
