The officially sanctioned function for this is now PQencryptPassword() in libpq. Please consider using it when available.
I wrote: > Commands like CREATE USER foo PASSWORD 'bar' transmit the password in > cleartext and possibly save the password in various client or server > log files. I have just fixed this for psql and createuser to encrypt > the password on the client side. A quick check of the pgadmin3 source > code shows that you are also affected by this issue. I ask you to > check where you paste cleartext passwords into SQL commands and change > those to encrypt the password before sending or storing it anywhere. > The required function pg_md5_encrypt() is contained in libpq. ---------------------------(end of broadcast)--------------------------- TIP 6: explain analyze is your friend