This is definitely NOT the common case and NO MMORPG does this! This is a HUGE (and I mean really huge!) security risk since you knowingly build an attack vector right into your application! Everyone, really everyone, will be able to sniff what you talk with the database, the password, the username etc. And sorry if this is wrong now, but I assume that even if you would use HTTPS you would either never validate the certificate and/or validate it wrong (eg. trust every root certificate) resulting in easy to do man in the middle attacks giving you no security at all.

Please, consider that your users are trusting YOU with THEIR data, assuming that you are able to deal with this correctly. What you are trying to do is virtually spitting every single customer in the face and then laughing at them. Do you really want to do this? Do you want to be treated like this as a customer?