Thread: what are those 3 passwords for ?

what are those 3 passwords for ?

From

"arnuld uttre"

Date:

13 October 2008, 11:12:15

I see postgres has 3 password mechanism:

 'createuser -d -P arnuld'       -- which will ask for the password
according to P flag used here.
 'createuser -d -P -W arnuld' -- which will ask for the 2 passwords
belonging to P and W flags.
                                                 It does not matter
whether both passwords are same or different.
                                                 because it always
creates the user successfuly.

createdb --owner arnuld -W arnuldforum   -- one password asked because
of W flag.


Now I want to ask , when you pass the username and password to some
forum software like phpbb3, which password you will pass when you can
pass only one ?





--
http://uttre.wordpress.com/2008/05/14/the-lost-love-of-mine/

Re: what are those 3 passwords for ?

From

Tom Lane

Date:

13 October 2008, 12:26:34

"arnuld uttre" <arnuld.mizong@gmail.com> writes:
> I see postgres has 3 password mechanism:
>  'createuser -d -P arnuld'       -- which will ask for the password
> according to P flag used here.
>  'createuser -d -P -W arnuld' -- which will ask for the 2 passwords
> belonging to P and W flags.
>                                                  It does not matter
> whether both passwords are same or different.
>                                                  because it always
> creates the user successfuly.

-P is about the password you intend to give to the new user.  -W is
about the password of the user doing the creating.

I don't recommend using -W, because it will ask you for a password
whether or not the database is actually going to check that password.
This is more likely to be confusing than helpful.  It would appear that
you are using an authentication method that doesn't require a password,
which is why it doesn't matter what you put in for -W.

            regards, tom lane

Re: what are those 3 passwords for ?

From

Bill Moran

Date:

13 October 2008, 12:42:11

In response to "arnuld uttre" <arnuld.mizong@gmail.com>:

> I see postgres has 3 password mechanism:
>
>  'createuser -d -P arnuld'       -- which will ask for the password
> according to P flag used here.
>  'createuser -d -P -W arnuld' -- which will ask for the 2 passwords
> belonging to P and W flags.

In order to create a user, you have to connect as an existing user.
When you use -W, you tell the createuser command to _always_ prompt
for the (existing) password before allowing you to connect, even if
your configuration does not require password authentication.

So, even with the second command, you're still only using 1 password
when you create the account.  I feel that the man page for createuser
explains this pretty well.

--
Bill Moran
Collaborative Fusion Inc.
http://people.collaborativefusion.com/~wmoran/

wmoran@collaborativefusion.com
Phone: 412-422-3463x4023