+ The application itself does not log any usernames/passwords.
+ \emph{PDOException}'s end up in the log files however, the database driver implementation
+ could append sensitive data to the exception message.
+ Documentation suggesting users should verify that the database driver they end up using doesn't include sensitive data in exception messages is absent.