Generally you should avoid using the default database role (often postgres) in your application. You should instead create a user with lower levels of privileges. Here we make one called niceusername and give it a password very-strong-password:
CREATE ROLE niceusername with PASSWORD 'very-strong-password' LOGIN;
The problem with that is that queries typed into the psql console get saved in a history file, .psql_history, in the user's home directory and may also be logged to the PostgreSQL database server log, thus exposing the password.
To avoid this, use the \password command to set the user password. If the user issuing the command is a superuser, the current password will not be asked for. (You must be a superuser to alter the passwords of superusers.)
CREATE ROLE niceusername with LOGIN;
\password niceusername
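To check whether passwords have already leaked this way, the following added example (not part of the original page) scans psql history or server log text for role statements that carry a password literal, and separates cleartext from the pre-hashed value that \password sends in its ALTER statement. The function names, the sample lines and the SCRAM value in them are constructed for illustration.

```python
import re

# CREATE/ALTER ROLE|USER <name> ... PASSWORD '<literal>' within one statement
# (case-insensitive, may span lines); '' inside the literal is an escaped quote.
STMT = re.compile(
    r"\b(CREATE|ALTER)\s+(ROLE|USER)\s+(\"[^\"]+\"|\w+)[^;]*?"
    r"\bPASSWORD\s+'((?:[^']|'')*)'",
    re.IGNORECASE | re.DOTALL,
)
# Literals that are already password verifiers rather than cleartext.
HASHED = re.compile(
    r"^(SCRAM-SHA-256\$\d+:[A-Za-z0-9+/=]+\$[A-Za-z0-9+/=]+:[A-Za-z0-9+/=]+"
    r"|md5[0-9a-f]{32})$"
)

def find_password_statements(text):
    """Return one finding per role statement that contains a password literal."""
    findings = []
    for m in STMT.finditer(text):
        findings.append({
            "line": text.count("\n", 0, m.start()) + 1,
            "role": m.group(3).strip('"'),
            "cleartext": not HASHED.match(m.group(4)),
        })
    return findings

def redact(text):
    """Mask cleartext password literals; leave hashed verifiers untouched."""
    def _mask(m):
        if HASHED.match(m.group(4)):
            return m.group(0)
        head = m.group(0)[: m.start(4) - m.start(0)]  # up to the opening quote
        return head + "<redacted>'"
    return STMT.sub(_mask, text)

# Constructed sample input; the SCRAM value is a placeholder, not a real verifier.
SAMPLE = """\
CREATE ROLE niceusername with PASSWORD 'very-strong-password' LOGIN;
CREATE ROLE niceusername with LOGIN;
ALTER USER niceusername PASSWORD 'SCRAM-SHA-256$4096:c2FsdHNhbHQ=$c3RvcmVka2V5:c2VydmVya2V5';
alter role "Report User"
  encrypted password 'it''s-a-secret';
"""

if __name__ == "__main__":
    for finding in find_password_statements(SAMPLE):
        print(finding)
    print(redact(SAMPLE))
```

Any role reported with cleartext set to true should have its password changed with \password, since the old value must be treated as exposed.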