Encrypting data
By default, PostgreSQL internally encrypts sensitive data, such as roles' passwords. However, database users can also encrypt and decrypt sensitive data using the pgcrypto
extension.
PostgreSQL role password encryption
When creating a role with password and login options, one can see the role's details in the pg_shadow
catalog relation. Note that it is not recommended to use the following format to create the password because the statement can appear in pg_stat_activity
or the server logs:
CREATE ROLE <role_name> WITH LOGIN PASWWORD 'role_password';
The passwords in pg_catalog
are encrypted with a slat by default, as shown in the following example. Note how passwd
for the a
and b
roles are different even though they have the same ...
Get Learning PostgreSQL now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.