On Thu, May 29, 2003 at 13:18:01 -0500,
nolan@celery.tssi.com wrote:
> > This is the second worst possible reason I can imagine for a feature
> > like this. Passwords coded into the frontend ... gosh!
>
> Depending on the application, coding a password into the front end can
> be a necessary condition. Think of a PHP web page script that makes
> database calls. How are you going to prevent other unauthorized
> connections from that system? Passwords aren't a perfect security
> device, but they're generally better than no password.
You can use ident authentication.
> I could see some merit to a 'LOCK' option on the alter user command, so that
> the password can only be changed by a superuser.
That would only be useful if the account was shared, which is normally a bad
idea.