Re: Bug Report - PGAdmin3 windows pgpass.conf passwords stored in plain text

Joe Moyle wrote:
> I'm working on my first PostgreSQL project.  We are attempting a proof
> of concept.  I'm using PGAdmin 3 v1.6.2 on a Windows XP Pro workstation.
> I like the option to 'Save Password' because I'm generally lazy and
> don't want to type in the password every time I log on.  
> 
> While doing some poking around I discovered that the passwords in the
> pgpass.conf file are stored in plain text.  I consider this a bug.  
> 
> Being new to PGS and not fully understanding all the implications I set
> up my database to use MD5 for password encryption.  So, I attempted to
> replace the plain text password in pgpass.conf with the MD5 encrypted
> one hoping that PGA3 would see the MD5 as the first few characters and
> realize that it didn't have to encrypt the password before sending it to
> the server.  No such luck.
> 
> I searched the Known Issues and didn't see this listed as a problem.  I
> searched the TODO list and didn't see any mention of this problem.  I
> realize that the work around is to simply not make use of the 'store
> password' option but then I can't help but wonder why the 'store
> password' option exists in the product.
> 
> Would the 'powers that be' list this as a bug and add it to the TODO
> list?

This is how PostgreSQL's libpq requires the file to be formatted.

Regards, Dave.