txomon
commented
5 years ago This can be currently worked around by setting up the password directly in the settings.json, can't it?
Open akamath46297 opened 5 years ago
txomon
commented
5 years ago This can be currently worked around by setting up the password directly in the settings.json, can't it?
sanderhahn
commented
5 years ago PostgreSQL clients that are based upon libpq also lookup passwords from the pgpass file. Maybe its possible to lookup if passwords are defined at this location? https://www.postgresql.org/docs/current/libpq-pgpass.html
mgabeler-lee-6rs
commented
3 years ago Since .pgpass is not a secure store, I wouldn't advocate for the extension adding to it, but if the password for a server is already stored in that file, using it seems safe?
Though that asymmetry might be rather confusing for some
Users should be able to provide a consent to store the password in the persistent store which the connection manager would utilize for future connections