Re: Bug Report - PGAdmin3 windows pgpass.conf passwords stored in plain text - Mailing list pgadmin-support

From Dave Page
Subject Re: Bug Report - PGAdmin3 windows pgpass.conf passwords stored in plain text
Date
Msg-id 46545DFD.8040807@postgresql.org
Whole thread Raw
In response to Bug Report - PGAdmin3 windows pgpass.conf passwords stored in plain text  ("Joe Moyle" <jmoyle@paymetric.com>)
List pgadmin-support
Joe Moyle wrote:
> I'm working on my first PostgreSQL project.  We are attempting a proof
> of concept.  I'm using PGAdmin 3 v1.6.2 on a Windows XP Pro workstation.
> I like the option to 'Save Password' because I'm generally lazy and
> don't want to type in the password every time I log on.  
> 
> While doing some poking around I discovered that the passwords in the
> pgpass.conf file are stored in plain text.  I consider this a bug.  
> 
> Being new to PGS and not fully understanding all the implications I set
> up my database to use MD5 for password encryption.  So, I attempted to
> replace the plain text password in pgpass.conf with the MD5 encrypted
> one hoping that PGA3 would see the MD5 as the first few characters and
> realize that it didn't have to encrypt the password before sending it to
> the server.  No such luck.
> 
> I searched the Known Issues and didn't see this listed as a problem.  I
> searched the TODO list and didn't see any mention of this problem.  I
> realize that the work around is to simply not make use of the 'store
> password' option but then I can't help but wonder why the 'store
> password' option exists in the product.
> 
> Would the 'powers that be' list this as a bug and add it to the TODO
> list?

This is how PostgreSQL's libpq requires the file to be formatted.

Regards, Dave.


pgadmin-support by date:

Previous
From: yoursoft
Date:
Subject: Re: Bug Report - PGAdmin3 windows pgpass.conf passwords stored in plain text
Next
From: Joshua Kramer
Date:
Subject: Re: Bug Report - PGAdmin3 windows pgpass.conf passwords stored in plain text