The following bug has been logged on the website:
Bug reference: 8628
Logged by: Robert Nichols0n
Email address: rob@northleaf.com
PostgreSQL version: 9.3.1
Operating system: Ubuntu Desktop 64 bit
Description:
I am able to login without a password when the password field is null. If
the field is not null the functionality seems normal, I get rejected unless
the password is correct. This makes password based login ridiculous. Is
this a bug or designed in? I login with my own code (Qt based) or with
pgAdmin III and I find the same bug. Is it not possible to require a
password at login?
My pg_hba.conf is:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
#local all all md5
# IPv4 local connections:
hostssl all all 127.0.0.1/32 md5
# IPv6 local connections:
#host all all ::1/128 trust
Thank you.