|The PostgreSQL 9.0 Reference Manual - Volume 3 - Server Administration Guide
by The PostgreSQL Global Development Group
Paperback (6"x9"), 274 pages
RRP £9.95 ($14.95)
Sales of this book support the PostgreSQL project! Get a printed copy>>>
5.3.2 Password authentication
The password-based authentication methods are
password. These methods operate
similarly except for the way that the password is sent across the
connection, namely MD5-hashed and clear-text respectively.
If you are at all concerned about password
“sniffing” attacks then
md5 is preferred.
password should always be avoided if possible.
md5 cannot be used with the
db_user_namespace feature. If the connection is
protected by SSL encryption then
password can be used
safely (though SSL certificate authentication might be a better
choice if one is depending on using SSL).
PostgreSQL database passwords are
separate from operating system user passwords. The password for
each database user is stored in the
catalog. Passwords can be managed with the SQL commands
CREATE USER and
CREATE USER foo WITH PASSWORD 'secret'.
If no password has been set up for a user, the stored password
is null and password authentication will always fail for that user.
|ISBN 9781906966072||The PostgreSQL 9.0 Reference Manual - Volume 3 - Server Administration Guide||See the print edition|