You should keep it turned off because it can reveal information about your database like column names or queries you are running when an error occurs, which could potentially be used to help a hacker get information from your database if you have a security hole somewhere else.