Execute ALTER ....... WITH PASSWORD '12345', the plaintext password appears in the pg database log, what should I do?

sorintlab / stolon

PostgreSQL cloud native High Availability and more.

https://talk.stolon.io

Apache License 2.0

4.62k stars 443 forks source link

Open luomengY opened 2 years ago

luomengY commented 2 years ago

PG version is 12.1 Execute ALTER ....... WITH PASSWORD '12345', the plaintext password appears in the pg database log, what should I do?

viggy28 commented 2 years ago

I don't think it's a stolon bug.

You should reset the password a) either encrypted https://www.postgresql.org/docs/current/sql-alteruser.html or b) don't log the password reset statement.