On 10/29/14 3:41 PM, Jim Nasby wrote: > On 10/29/14, 2:33 PM, Tom Lane wrote: >> Capture the postmaster log. Keep on capturing it till somebody >> fat-fingers their login to the extent of swapping the username and >> password (yeah, I've done that, haven't you?). > > Which begs the question: why on earth do we log passwords at all?
We don't. > This is a problem for ALTER ROLE too. Only if you use the non-encrypted forms. -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
