Feature #4823
Add warning when saving PGsql/PostGIS passwords
| Status: | Closed | Start Date: | 01/16/2012 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assigned to: | - | % Done: | 0% |
|
| Category: | GUI | |||
| Target version: | Version 1.7.4 | |||
| Platform: | Resolution: | fixed | ||
| Platform version: | Patch supplied: | No | ||
| Status info: |
Description
Pgsql/PostGIS passwords are saved in plain text. It would be useful to add a Warning as it is done in PGAdmin3. Example:
Saving passwords
WARNING: You have opted to save your password. It will be stored in plain text in your home directory on *nix systems, or in your user profile on Windows. If you do not want this to happen, please press the Cancel button.
pgAdmin uses PostgreSQL's 'pgpass' mechanism to store your passwords. On *nix systems, the password will be stored in ~/.pgpass, whilst on Windows systems it will be stored in APPDATA\PostgreSQL\pgpass.conf (APPDATA is the 'Application Data' folder in your user profile). This mechanism is used by default by all programs that use the libpq library to access the server, which includes command line applications such as pg_dump and pg_restore, other GUI applications, and drivers such as psqlODBC. This means that those applications may automatically connect to the server using your stored password. If you do not want this to happen, you should not use the Store Password option in pgAdmin.
History
Updated by Alexander Bruy over 1 year ago
See also #3862
Updated by Jürgen Fischer over 1 year ago
- Status changed from New to Closed
- Resolution set to fixed
implemented in 72c04ce8