[terwey]

You can setup an SSH tunnel to your remote machine. Some DB explorers offer this tunneling out of the box (e.g. Sequel Pro for Mac).

Top hit on Google for how to setup a SSH tunnel for MySQL: https://linuxize.com/post/mysql-ssh-tunnel/

[ngranja19]

Oh, but that is what I do, I set up an ssh tunnel, so I'll change it, thanks!

[GauntletWizard]

You should post again on what you're going to change, because i (at least) read that advice both ways, and I want to make sure you're reading it the way that was intended.

If your database is open to 127.0.0.1/{8,24,32}, it is open only to the local host; that is the non-routable localhost address and it's not accessible to the internet.

If your database is open to 0.0.0.0/0, it is open to the internet and anyone can attempt login. This is bad. Presumably you also still need a password, but never assume. Always have defense in depth - at least two things need to go wrong/be wrong before you're compromised.