Обсуждение: How to mask password when using ALTER USER syntax in psql.

Greetings,

I am using versions 7.4 and 8.3.7.
I have not discovered a way to obfuscate the password when changing it
in psql with ALTER USER syntax.
The password displays in clear text at the command line AND in the log file.
Why is this?
Or am I missing something obvious in the documentation?
Thanks.

Ken Banyas

The documentation for 8.3 states:

ALTER USER is now an alias for ALTER ROLE.

Under the entry for ALTER ROLE it says:

Caution must be exercised when specifying an unencrypted password with
this command.  The password will be transmitted to the server in
cleartext, and it might also be logged in the client's command history
or the server log.  psql contains a command \password that can be used
to safely change a role's password.



Kenneth Banyas wrote:
> Greetings,
>
> I am using versions 7.4 and 8.3.7.
> I have not discovered a way to obfuscate the password when changing it
> in psql with ALTER USER syntax.
> The password displays in clear text at the command line AND in the log file.
> Why is this?
> Or am I missing something obvious in the documentation?
> Thanks.
>
> Ken Banyas
>
>

Lewis Kapell <lkapell@setonhome.org> writes:
> ... psql contains a command \password that can be used
> to safely change a role's password.

FWIW, all that's doing is pre-encrypting the password and sending
ALTER ROLE WITH ENCRYPTED PASSWORD '...';

            regards, tom lane

Kenneth Banyas wrote:
> Greetings,
>
> I am using versions 7.4 and 8.3.7.
> I have not discovered a way to obfuscate the password when changing it
> in psql with ALTER USER syntax.
> The password displays in clear text at the command line AND in the log file.
> Why is this?

Perhaps you could try \password in psql.

--
Alvaro Herrera                                http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support