2015-12-21 17:57 GMT+03:00 Tom Lane <t...@sss.pgh.pa.us>:
> Robert Haas <robertmh...@gmail.com> writes:
> > On Sun, Dec 20, 2015 at 1:47 PM, Tom Lane <t...@sss.pgh.pa.us> wrote:
> >> The syntax you propose exposes the user's password in cleartext in
> >> the command, where it is likely to get captured in logs for example.
> >> That's not going to do.
> > Of course, right now, the ALTER USER ... PASSWORD command has that
> > problem which is, uh, bad.
> Which is why we invented the ENCRYPTED PASSWORD syntax, as well as
> psql's \password command ... but using that approach for actual
> login to an account would be a security fail as well.
The connection should be secured somehow (SSL/SSH...) to prevent password
thefts. On the other hand, the logging system should not log details of
like ALTER USER ...