Thread: Postgres User Can Login without a password
Hi there,
I have a situation that is a bit strange.
I discovered today that I can login in programs like EMS SQL Manager and in the internal software (via ODBC) without using the password for the user.
Example:
Configuration on the ODBC:
datasource: postgres
database: Postgres
server: "IP"
user: 123456
password: 123456
The software connect to the ODBC getting the configs of the data source.
And when I clear the password in the ODBC the software continues to work, without a passwd error.
I certified with the programers, and the software doesn't pass the password.
So, reading a little bit, I discovered that possibly my pg_hba.conf is wrong.
I tried to change the "auth-method", but or I couldn't connect to the base (if I pass the user and the passwd) or I connected without the passwd.
If someone get a ideia of what to do in this case, would be greatful.
Tnhks all,
Rafael
I have a situation that is a bit strange.
I discovered today that I can login in programs like EMS SQL Manager and in the internal software (via ODBC) without using the password for the user.
Example:
Configuration on the ODBC:
datasource: postgres
database: Postgres
server: "IP"
user: 123456
password: 123456
The software connect to the ODBC getting the configs of the data source.
And when I clear the password in the ODBC the software continues to work, without a passwd error.
I certified with the programers, and the software doesn't pass the password.
So, reading a little bit, I discovered that possibly my pg_hba.conf is wrong.
I tried to change the "auth-method", but or I couldn't connect to the base (if I pass the user and the passwd) or I connected without the passwd.
If someone get a ideia of what to do in this case, would be greatful.
Tnhks all,
Rafael
On Thu, Jul 31, 2008 at 1:08 PM, Rafael Domiciano <rafael.domiciano@gmail.com> wrote: > Hi there, > > I have a situation that is a bit strange. > I discovered today that I can login in programs like EMS SQL Manager and in > the internal software (via ODBC) without using the password for the user. > > Example: > Configuration on the ODBC: > datasource: postgres > database: Postgres > server: "IP" > user: 123456 > password: 123456 > > The software connect to the ODBC getting the configs of the data source. > And when I clear the password in the ODBC the software continues to work, > without a passwd error. > I certified with the programers, and the software doesn't pass the password. You're likely logging in from the same machine and pg_hba.conf is set to ident authentication. Change your pg_hba.conf back to ident or trust, and run this command: alter user postgres set password='password'; changing 'password' of course Then change pg_hba.conf to md5 authentication.