Possibly another way to get username and password: If database and "secret" C++ code run or can run on different machines, connect both machines with a hub (or a managed switch with a "monitor" port), connect a third machine running wireshark, trace packages send from the client to the database. My guess is that the database does not encrypt communication, at least not by default. Probably, wireshark knows the database protocol. In the best case, username and password are send in plain text over the wire.
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)