On Wed, 26 Mar 2008 10:43:48 -0300 Alvaro Herrera <[EMAIL PROTECTED]> wrote:
> Heikki Linnakangas wrote: > > Magnus Hagander wrote: > >> + fprintf(output, _(" \\password [USERNAME]\n" > >> + " securely > >> change the password for a user\n")); > > > > I would leave out the word "securely". Unless you want to provide > > another command for changing it insecurely ;-). What does it mean, > > anyway? > > The point is that the password is encrypted on the client and > transmitted in md5 form. If you were to use ALTER USER to change the > password, it could end up unencrypted in the server log. That, and it will go over the network in plaintext. And it will go in your .psql_history. \password closes all these. //Magnus -- Sent via pgsql-patches mailing list (pgsql-patches@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-patches