Software Engineer

PostgreSQL accepts any or no password when connecting

When connecting to the database with the postgres user I realized it accepts any password or no password even though the user has a password set. I don’t know if this happens also when using the installer to install PostgreSQL, in my case I used initdb to set it up. I remember it mentioned something regarding “trust” after setting it up but didn’t take much notice until I realized it accepts any password.

In pg_hba.conf it adds all local connections to be trusted which means connecting from the same host doesn’t need to authenticate.

host    all             all             127.0.0.1/32            trust

If you don’t like that just change it to another method, for example md5.

1 Comment

  1. Nilo César Teixeira

    Awesome, thanks for clarifying this!

Leave a Reply

Your email address will not be published. Required fields are marked *

© 2024 Matthias Schoettle

Theme by Anders NorenUp ↑