Feature request #4823
Add warning when saving PGsql/PostGIS passwords
| Status: | Closed | ||
|---|---|---|---|
| Priority: | Normal | ||
| Assignee: | - | ||
| Category: | GUI | ||
| Pull Request or Patch supplied: | No | Resolution: | fixed |
| Easy fix?: | No | Copied to github as #: | 14669 |
Description
Pgsql/PostGIS passwords are saved in plain text. It would be useful to add a Warning as it is done in PGAdmin3. Example:
Saving passwords
WARNING: You have opted to save your password. It will be stored in plain text in your home directory on *nix systems, or in your user profile on Windows. If you do not want this to happen, please press the Cancel button.
pgAdmin uses PostgreSQL's 'pgpass' mechanism to store your passwords. On *nix systems, the password will be stored in ~/.pgpass, whilst on Windows systems it will be stored in APPDATA\\PostgreSQL\\pgpass.conf (APPDATA is the 'Application Data' folder in your user profile). This mechanism is used by default by all programs that use the libpq library to access the server, which includes command line applications such as pg_dump and pg_restore, other GUI applications, and drivers such as psqlODBC. This means that those applications may automatically connect to the server using your stored password. If you do not want this to happen, you should not use the Store Password option in pgAdmin.
Related issues
History
#1
Updated by Alexander Bruy over 12 years ago
See also #3862
#2
Updated by Jürgen Fischer about 12 years ago
- Resolution set to fixed
- Status changed from Open to Closed
implemented in 72c04ce8