How do I change the password for a PostgreSQL user?
asked Oct 4, 2012 at 5:45
3
To log in without a password:
sudo -u user_name psql db_name
To reset the password if you have forgotten:
ALTER USER user_name WITH PASSWORD 'new_password';
rmtheis
5,79812 gold badges60 silver badges76 bronze badges
answered Oct 4, 2012 at 5:55
solaimuruganvsolaimuruganv
25.8k1 gold badge18 silver badges23 bronze badges
22
To change the PostgreSQL user’s password, follow these steps:
-
log in into the psql console:
sudo -u postgres psql -
Then in the psql console, change the password and quit:
postgres=# password postgres Enter new password: <new-password> postgres=# q
Or using a query:
ALTER USER postgres PASSWORD '<new-password>';
Or in one line
sudo -u postgres psql -c "ALTER USER postgres PASSWORD '<new-password>';"
Note:
If that does not work, reconfigure authentication by editing /etc/postgresql/9.1/main/pg_hba.conf (the path will differ) and change:
local all all peer # change this to md5
to
local all all md5 # like this
Then restart the server:
sudo service postgresql restart
answered Oct 4, 2012 at 5:50
Clint BugsClint Bugs
11.2k1 gold badge11 silver badges11 bronze badges
10
You can and should have the users’ password encrypted:
ALTER USER username WITH ENCRYPTED PASSWORD 'password';
answered Feb 21, 2015 at 8:58
yglodtyglodt
13.3k14 gold badges86 silver badges125 bronze badges
4
I believe the best way to change the password is simply to use:
password
in the Postgres console.
Per ALTER USER documentation:
Caution must be exercised when specifying an unencrypted password with
this command. The password will be transmitted to the server in
cleartext, and it might also be logged in the client’s command history
or the server log. psql contains a command password that can be used
to change a role’s password without exposing the cleartext password.
Note: ALTER USER is an alias for ALTER ROLE
xlm
6,40413 gold badges54 silver badges54 bronze badges
answered Aug 30, 2017 at 16:55
Viktor NordlingViktor Nordling
8,4044 gold badges26 silver badges23 bronze badges
6
To change the password using the Linux command line, use:
sudo -u <user_name> psql -c "ALTER USER <user_name> PASSWORD '<new_password>';"
answered May 25, 2015 at 23:14
Vajira LasanthaVajira Lasantha
2,4053 gold badges22 silver badges39 bronze badges
3
To the change password:
sudo -u postgres psql
Then
password postgres
Now enter the new password and confirm.
Then q to exit.
answered Jun 29, 2019 at 19:09
Akitha_MJAkitha_MJ
3,64822 silver badges18 bronze badges
1
Go to your PostgreSQL configuration and edit file pg_hba.conf:
sudo vim /etc/postgresql/9.3/main/pg_hba.conf
Then change this line:
Database administrative login by Unix domain socket
local all postgres md5
to:
Database administrative login by Unix domain socket
local all postgres peer
Then restart the PostgreSQL service via the ‘sudo’ command. Then
psql -U postgres
You will be now entered and will see the PostgreSQL terminal.
Then enter
password
And enter the new password for the PostgreSQL default user. After successfully changing the password again, go to the pg_hba.conf and revert the change to «md5».
Now you will be logged in as
psql -U postgres
with your new password.
answered Oct 9, 2014 at 14:03
3
Setting up a password for the postgres role
sudo -u postgres psql
You will get a prompt like the following:
postgres=#
Change password to PostgreSQL for user postgres
ALTER USER postgres WITH ENCRYPTED PASSWORD 'postgres';
You will get something as follows:
ALTER ROLE
To do this we need to edit the pg_hba.conf file.
(Feel free to replace nano with an editor of your choice.)
sudo nano /etc/postgresql/9.5/main/pg_hba.conf
Update in the pg_hba.conf file
Look for an uncommented line (a line that doesn’t start with #) that has the contents shown below. The spacing will be slightly different, but the words should be the same.
local postgres postgres peer
to
local postgres postgres md5
Now we need to restart PostgreSQL, so the changes take effect
sudo service postgresql restart
answered Oct 30, 2021 at 10:05
CHAVDA MEETCHAVDA MEET
6798 silver badges14 bronze badges
0
To request a new password for the postgres user (without showing it in the command):
sudo -u postgres psql -c "password"
answered Mar 3, 2018 at 4:05
lcnicolaulcnicolau
3,1224 gold badges38 silver badges52 bronze badges
This was the first result on google, when I was looking how to rename a user, so:
ALTER USER <username> WITH PASSWORD '<new_password>'; -- change password
ALTER USER <old_username> RENAME TO <new_username>; -- rename user
A couple of other commands helpful for user management:
CREATE USER <username> PASSWORD '<password>' IN GROUP <group>;
DROP USER <username>;
Move user to another group
ALTER GROUP <old_group> DROP USER <username>;
ALTER GROUP <new_group> ADD USER <username>;
answered Apr 21, 2016 at 20:53
Salvador DaliSalvador Dali
209k145 gold badges690 silver badges749 bronze badges
If you are on Windows.
Open pg_hba.conf file and change from md5 to peer.
Open cmd and type psql postgres postgres.
Then type password to be prompted for a new password.
Refer to this Medium post for further information & granular steps.
answered Jun 13, 2020 at 19:27
Timothy MachariaTimothy Macharia
2,4611 gold badge19 silver badges26 bronze badges
3
The configuration that I’ve got on my server was customized a lot, and I managed to change the password only after I set trust authentication in the pg_hba.conf file:
local all all trust
Don’t forget to change this back to password or md5.
answered Jan 11, 2014 at 20:39
ruruskyiruruskyi
1,9912 gold badges26 silver badges37 bronze badges
2
For my case on Ubuntu 14.04 (Trusty Tahr), installed with PostgreSQL 10.3: I need to follow the following steps
-
su - postgresto switch the user topostgres -
psqlto enter the PostgreSQL shell -
passwordand then enter your password -
Q to quit the shell session
-
Then you switch back to root by executing
exitand configure yourpg_hba.conf(mine is at/etc/postgresql/10/main/pg_hba.conf) by making sure you have the following linelocal all postgres md5 -
Restart your PostgreSQL service by
service postgresql restart -
Now switch to the
postgresuser and enter the PostgreSQL shell again. It will prompt you for a password.
answered Mar 25, 2018 at 19:47
haxporhaxpor
2,3073 gold badges26 silver badges45 bronze badges
1
Use this:
password
Enter the new password you want for that user and then confirm it.
If you don’t remember the password and you want to change it, you can log in as «postgres» and then use this:
ALTER USER 'the username' WITH PASSWORD 'the new password';
answered Feb 12, 2018 at 11:52
Chris DareChris Dare
1511 silver badge8 bronze badges
TLDR:
On many systems, a user’s account often contains a period, or some sort of punctuation (user: john.smith, horise.johnson). In these cases, a modification will have to be made to the accepted answer above. The change requires the username to be double-quoted.
Example
ALTER USER "username.lastname" WITH PASSWORD 'password';
Rationale:
PostgreSQL is quite picky on when to use a ‘double quote’ and when to use a ‘single quote’. Typically, when providing a string, you would use a single quote.
answered Jun 1, 2020 at 18:28
FlyingVFlyingV
1,88718 silver badges15 bronze badges
1
This is similar to other answers in syntax, but it should be known that you can also pass the MD5 hash value of the password, so you are not transmitting a plain text password.
Here are a few scenarios of unintended consequences of altering a users password in plain text.
- If you do not have SSL and are modifying remotely you are transmitting the plain text password across the network.
- If you have your logging configuration set to log DDL statements
log_statement = ddlor higher, then your plain text password will show up in your error logs. - If you are not protecting these logs, it’s a problem.
- If you collect these logs/ETL them and display them where others have access, they could end up seeing this password, etc.
- If you allow a user to manage their password, they are unknowingly revealing a password to an administrator or low-level employee tasked with reviewing logs.
With that said, here is how we can alter a user’s password by building an MD5 hash value of the password.
-
PostgreSQL, when hashing a password as MD5, salts the password with the user name and then prepends the text «md5» to the resulting hash.
-
Example: «md5″+md5(password + username)
-
In Bash:
echo -n "passwordStringUserName" | md5sum | awk '{print "md5"$1}'Output:
md5d6a35858d61d85e4a82ab1fb044aba9d -
In PowerShell:
[PSCredential] $Credential = Get-Credential $StringBuilder = New-Object System.Text.StringBuilder $null = $StringBuilder.Append('md5'); [System.Security.Cryptography.HashAlgorithm]::Create('md5').ComputeHash([System.Text.Encoding]::ASCII.GetBytes(((ConvertFrom-SecureStringToPlainText -SecureString $Credential.Password) + $Credential.UserName))) | ForEach-Object { $null = $StringBuilder.Append($_.ToString("x2")) } $StringBuilder.ToString(); ## OUTPUT md5d6a35858d61d85e4a82ab1fb044aba9d -
So finally our
ALTER USERcommand will look likeALTER USER UserName WITH PASSWORD 'md5d6a35858d61d85e4a82ab1fb044aba9d'; -
Relevant links (note I will only link to the latest versions of the documentation. For older, it changes some, but MD5 is still supported a ways back.)
-
create role
-
The password is always stored encrypted in the system catalogs. The ENCRYPTED keyword has no effect, but is accepted for backwards compatibility. The method of encryption is determined by the configuration parameter password_encryption. If the presented password string is already in MD5-encrypted or SCRAM-encrypted format, then it is stored as-is regardless of password_encryption (since the system cannot decrypt the specified encrypted password string, to encrypt it in a different format). This allows reloading of encrypted passwords during dump/restore.
-
Configuration setting for password_encryption
-
PostgreSQL password authentication documentation
-
Building PostgreSQL password MD5 hash value
answered Aug 20, 2019 at 19:52
jkdbajkdba
2,2283 gold badges21 silver badges32 bronze badges
And the fully automated way with Bash and expect (in this example we provision a new PostgreSQL administrator with the newly provisioned PostgreSQL password both on OS and PostgreSQL run-time level):
# The $postgres_usr_pw and the other Bash variables MUST be defined
# for reference the manual way of doing things automated with expect bellow
#echo "copy-paste: $postgres_usr_pw"
#sudo -u postgres psql -c "password"
# The OS password could / should be different
sudo -u root echo "postgres:$postgres_usr_pw" | sudo chpasswd
expect <<- EOF_EXPECT
set timeout -1
spawn sudo -u postgres psql -c "\password"
expect "Enter new password: "
send -- "$postgres_usr_pwr"
expect "Enter it again: "
send -- "$postgres_usr_pwr"
expect eof
EOF_EXPECT
cd /tmp/
# At this point the 'postgres' executable uses the new password
sudo -u postgres PGPASSWORD=$postgres_usr_pw psql
--port $postgres_db_port --host $postgres_db_host -c "
DO $$DECLARE r record;
BEGIN
IF NOT EXISTS (
SELECT
FROM pg_catalog.pg_roles
WHERE rolname = '"$postgres_db_useradmin"') THEN
CREATE ROLE "$postgres_db_useradmin" WITH SUPERUSER CREATEROLE
CREATEDB REPLICATION BYPASSRLS
PASSWORD '"$postgres_db_useradmin_pw"' LOGIN ;
END IF;
END$$;
ALTER ROLE "$postgres_db_useradmin" WITH SUPERUSER CREATEROLE
CREATEDB REPLICATION BYPASSRLS
PASSWORD '"$postgres_db_useradmin_pw"' LOGIN ;
"
answered Oct 20, 2019 at 8:35
Yordan GeorgievYordan Georgiev
4,8681 gold badge52 silver badges53 bronze badges
Change password to «postgres» for user «postgres»:
# ALTER USER postgres WITH ENCRYPTED PASSWORD '<NEW-PASSWORD>';
answered Oct 30, 2021 at 10:34
1
I was on Windows (Windows Server 2019; PostgreSQL 10), so local type connections (pg_hba.conf: local all all peer) are not supported.
The following should work on Windows and Unix systems alike:
- backup
pg_hba.conftopg_hba.orig.confe.g. - create
pg_hba.confwith only this:host all all 127.0.0.1/32 trust - restart pg (service)
- execute
psql -U postgres -h 127.0.0.1 - enter (in pgctl console)
alter user postgres with password 'SomePass'; - restore
pg_hba.conffrom 1. above
answered Mar 5, 2021 at 13:46
Andreas CovidiotAndreas Covidiot
4,1385 gold badges48 silver badges95 bronze badges
Check file pg_hba.conf.
In case the authentication method is ‘peer’, the client’s operating system user name/password must match the database user name and password. In that case, set the password for Linux user ‘postgres’ and the DB user ‘postgres’ to be the same.
See the documentation for details: 19.1. The pg_hba.conf File
answered Oct 2, 2020 at 17:30
1
In general, just use the pgAdmin UI for doing database-related activity.
If instead you are focusing more in automating database setup for your local development, CI, etc.
For example, you can use a simple combination like this.
(a) Create a dummy super user via Jenkins with a command similar to this:
docker exec -t postgres11-instance1 createuser --username=postgres --superuser experiment001
This will create a super user called experiment001 in you PostgreSQL database.
(b) Give this user some password by running a NON-Interactive SQL command.
docker exec -t postgres11-instance1 psql -U experiment001 -d postgres -c "ALTER USER experiment001 WITH PASSWORD 'experiment001' "
PostgreSQL is probably the best database out there for command line (non-interactive) tooling. Creating users, running SQL, making backup of database, etc.
In general, it is all quite basic with PostgreSQL, and it is overall quite trivial to integrate this into your development setup scripts or into automated CI configuration.
answered Nov 1, 2019 at 17:41
99Sono99Sono
3,50627 silver badges38 bronze badges
Using pgAdmin 4:
Menu Object → Change password…
answered Sep 8, 2022 at 12:59
Most of the answers were mostly correct, but you need to look out for minor things. The problem I had was that I didn’t ever set the password of «postgres», so I couldn’t log into an SQL command line that allowed me to change passwords. These are the steps that I used successfully (note that most or all commands need sudo or root user):
-
Edit the
pg_hba.conffile in the data directory of the DB cluster you’re trying to connect to.- The folder of the data directory can be found by inspecting the systemd command line, easily obtained with
systemctl status postgresql@VERSION-DB_CLUSTER. Replace VERSION with your psql version and DB_CLUSTER with the name of your database cluster. This may be main if it was automatically created, so, e.g.,postgresql@13-main. Alternatively, my Bash shell provided auto-complete after enteringpostgresql@, so you could try that or look for the PostgreSQL services in the list of all services (systemctl -a). Once you have the status output, look for the second command line after CGroup, which should be rather long, and start with/usr/lib/postgresql/13/bin/postgresor similar (depending on version, distro, and installation method). You are looking for the directory after-D, for example/var/lib/postgresql/13/main.
- The folder of the data directory can be found by inspecting the systemd command line, easily obtained with
-
Add the following line:
host all all 127.0.0.1/32 trust. This allows for all users on all databases to connect to the database via IPv4 on the local machine unconditionally, without asking for a password.This is a temporary fix and don’t forget to remove this line again later on. Just to be sure, I commented out the
host all all 127.0.0.1/32 md5(md5 may be replaced by scram-sha-256), which is valid for the same login data, just requiring a password. -
Restart the database service:
systemctl restart postgresql@...Again, use the exact service you found earlier. -
Check that the service started properly with
systemctl status postgresql@.... -
Connect with psql, and very importantly, force psql to not ask for a password. In my experience, it will ask you for a password even though the server doesn’t care, and will still reject your login if your password was wrong. This can be accomplished with the
-wflag.The full command line looks something like this:
sudo -u postgres psql -w -h 127.0.0.1 -p 5432. Here,postgresis your user and you may have changed that.5432is the port of the cluster-specific server and may be higher if you are running more than one cluster (I have 5434 for example). -
Change the password with the
passwordspecial command. -
Remember to remove the password ignore workaround and restart the server to apply the configuration.
answered Apr 13, 2021 at 9:05
In this Postgresql tutorial, we are going to learn about “Postgresql set user password”, which means changing the password of an existing user in the Postgres database on different environments like Windows, Ubuntu, etc.
We are going to cover the following topics.
- How to set user password in PostgreSQL in windows OS
- Set user password in PostgreSQL in ubuntu
- Change user password using pgadmin in PostgreSQL
In Postgresql, We can change the password of the user using the below syntax.
Syntax:
ALTER USER user_name WITH PASSWORD 'new_password';Here ALTER USER is a command that changes the attributes of a PostgreSQL user account, user_name is the name of the user whose password is to be altered and new_password is the password that you want to set for the user.
We can change password of a Postgresql user account using the command line in windows.
The following are the instructions to change the password of the user.
Open CMD on your computer using CTRL+R and type cmd in the box, then hit Enter from your keyboard.
Enter into psql command prompt as postgres user using below command.
If it asks for a password, then enter the password of the user and remember the password.
psql -U postgresNow change the password of the current user postgres.
ALTER USER postgres WITH PASSWORD '23456';Now remember this new password and forget the password that we have remembered before for a user named postgres.
Exit from the psql prompt.
q -- To exit from psql prompt in Postgresql databast
We have successfully change the password of a user named Postgres.
Now log in again with the new password of user Postgres.
psql -U postgresif it asks for a password, enter the new password that we have set recently.
Read: How to create a table in PostgreSQL
Postgresql set user password ubuntu
In Ubuntu, we can change the password of the Postgresql user account using the terminal.
Open the terminal using CTRL+ALT+T from your keyboard and log into the Postgres prompt using the below command.
sudo su - postgresEnter into psql prompt.
psqlNow change the password of the user named postgres.
ALTER USER postgres WITH PASSWORD '23456';Exit from psql prompt and logout from Postgres prompt.
exit -- To exit from psql and postgres prompt
From the above output, we see the output “ALTER ROLE”, which means the password changed successfully.
Now again log in with the new password and if it asks for a password, then enter the new password.
sudo -i -u postgresYou will successfully be logged in.
Read: PostgreSQL installation on Linux
Postgresql change user password pgadmin
In Postgresql, we can also change the user password from the pgAdmin application.
The following are the instructions to change passwords in the Postgresql database.
Open pdAdmin, go to Browser section and expand icon > in front of Server then expand the icon > in front of Login/Group Roles.
Now select postgres user from Login/Group Roles, right-click on that and click on option Properties.
After clicking on Properties, a Login Role-postgres dialog appears, click on the Definition tab and enter the password then click on the Save button at the bottom right corner.
After clicking on Save, we have successfully changed the password of a user named postgres. Now, close the pgAdmin application, and log in again with the new password.
You may also like some of our latest articles on PostgreSQL.
- PostgreSQL WHERE IN
- Postgres date range
- Postgresql if else
- PostgreSQL CASE
- Postgresql create user with password
- PostgreSQL DATE Format
- PostgreSQL ADD COLUMN
- PostgreSQL vs SQL Server
- Postgres RegEx
- Postgresql date between two dates
- Postgresql create database
So in this tutorial, we have learned about “Postgresql set user password” and changed the password of existing users. We have covered the following topics.
- How to set user password windows in PostgreSQL
- Set user password ubuntu in PostgreSQL
- How to change user password pgadmin in PostgreSQL
I am Bijay having more than 15 years of experience in the Software Industry. During this time, I have worked on MariaDB and used it in a lot of projects. Most of our readers are from the United States, Canada, United Kingdom, Australia, New Zealand, etc.
Want to learn MariaDB? Check out all the articles and tutorials that I wrote on MariaDB. Also, I am a Microsoft MVP.
(Note: Not much of this is relevant to readers using PostgreSQL 9.2 or above from the EDB installers, which now have a greatly simplified default install using the NETWORK SERVICE, though you can still configure other accounts).
I have used
net user postgres postgres
to reset the password for my database but instead of a success message I am getting"System error 5 has occurred. Access is denied."
You’ve reset (or tried to reset) the service account password. PostgreSQL won’t run as Administrator for security reasons and the installer generally sets it up with a «postgres» user account in PostgreSQL 9.1 and older1. On Windows you can’t start a service as a user without saving the password of the user in the registry, so that’s what the installer does.
If you change the password for the Windows user account postgres, the PostgreSQL service can no longer start. So don’t do that, you’ll have to fix the service configuration to store the updated password.
Thankfully I think another mistake prevented you from doing that. It looks like you’re probably running your command prompt without using «Run as Administrator» on an unprivileged Windows user account or a machine with UAC, so it isn’t running with the access permissions required to change the password for the postgres user.
Before you try to change that password, make sure it’s really what you want to do. What’s the problem you’re trying to solve here? Are you attempting to install a database update or something else that’s asking for the password for the postgres Windows user?
Most likely you’re just trying to log in to the database. For that, you use the (unfortunately completely unrelated) password stored in the database its self. Since you’ve lost/forgotten it you’ll have to reset it:
- Find your
pg_hba.conf, usually inC:Program FilesPostgreSQL9.1datapg_hba.conf - If necessary, set the permissions on it so that you can modify it; your user account might not be able to do so until you use the security tab in the properties dialog to give yourself that right by using an admin override. Alternately, find notepad / notepad++ in your start menu, right click, choose «Run as administrator», then use File->Open to open
pg_hba.confthat way. -
Edit it to set the «host» line for user «postgres» on host «127.0.0.1/32» to «trust». You can add the line if it isn’t there; just insert:
host all postgres 127.0.0.1/32 trust host all postgres ::1/128 trust # if IPv6 is in usebefore any other lines. (You can ignore comments, lines beginning with
#). -
Restart the PostgreSQL service from the Services control panel (start->run->
services.msc) - connect using psql or PgAdmin-III or whatever you prefer
ALTER USER postgres PASSWORD 'postgres'- remove the line you added to
pg_hba.confor change it back - restart PostgreSQL again.
See: How do I reset the postgres password for PostgreSQL on Windows?
1. 9.2 now uses the NETWORKSERVICE account, which doesn’t require a password, so this problem goes away.
- Change the User Password in Postgres Using Windows
- Change the User Password in Postgres Using Linux
In this tutorial, we will change the user password in Postgres.
Change the User Password in Postgres Using Windows
- Open the
SQL Shell (psql)from the menus or search bar. - Connect to the default database with the default port. If you set up with default settings, then the configuration should look like this:
Server [localhost]:
Database [postgres]:
Port [5432]:
Username [postgres]:
Password for user postgres:
If you put the field blank and press empty, it will take the default values shown between the square bracket.
Then, log in with the default password you set during the installation. If you’re successful, then you will get the SQL command line:
psql (14.0)
WARNING: Console code page (437) differs from Windows code page (1252)
8-bit characters might not work correctly. See psql reference
page "Notes for Windows users" for details.
Type "help" for help.
postgres=#
Now, if you want to see all the user lists, type the command:
postgres=# select * from USER;
user
----------
postgres
(1 row)
You need to alter the user information using ALTER to change the user password. The query format for changing the user password:
postgres=# ALTER USER postgres WITH PASSWORD 'ROOT';
ALTER ROLE
postgres=#
Instead of postgres, you can type your username, which you want to update, and instead of Root, you can use your defined password.
Or, there’s another method for changing the passwords without writing any SQL query. After opening the psql command line, type password user_name.
Then it will ask for a new password and again ask to retype the new password.
postgres=# password postgres
Enter new password: <Enter-your-password>
Enter it again: <Retype-your-password>
postgres=#
Change the User Password in Postgres Using Linux
You can enter the psql console without any password. Use the sudo command.
Here’s how you can log in without a psql password:
$sudo -u <username> psql <database>
Use the above method to change the password for a user in psql.
It’s a good practice to save the user password encrypted. You can use the following command:
postgres=# ALTER USER postgres WITH ENCRYPTED PASSWORD 'ROOT';
Sometimes you may need to change user password in PostgreSQL, for database management and website administration. In this article, we will look at how to change user password in PostgreSQL. You can use these steps to change postgres password in Ubuntu, Windows and other Linux systems. You can also use it to change default postgres password.
Here are the steps to change user password in PostgreSQL.
1. Log into PostgreSQL
Open terminal and run the following command to log into PostgreSQL. Replace username and dbname with your username and database name respectively.
$ sudo -u username psql dbname
Also read : How to change user to superuser in PostgreSQL
2. Change User Password
We will use the ALTER USER command to change user password. Here is its syntax.
ALTER ROLE username WITH PASSWORD 'password';
In the above command, you need to specify the username whose password you want to change, and also the new password for that user.
Run the following ALTER USER command to change user password. Replace testuser and newpassword with
ALTER USER testuser WITH PASSWORD 'newpassword';Similarly, if you want to change password for postgres user, modify the above command as shown.
ALTER USER postgres WITH PASSWORD 'newpassword';Also read : How to Copy data from one table to another in SQL
Sometimes you may need to expire a password after a specific date. In such cases, use VALID UNTIL clause with ALTER USER statement. Here’s the above SQL query modified to set password expiration date as December 31, 2020.
ALTER USER testuser WITH PASSWORD 'newpassword'VALID UNTIL 'December 31, 2020';
As you can see, it is very easy to change user password in PostgreSQL in Ubuntu, CentOS and other systems.
Need a reporting tool for PostgreSQL? Ubiq makes it easy to visualize data in minutes, and monitor in real-time dashboards. Try it Today!
Related posts:
- About Author
Summary: in this tutorial, you will learn how to change the password for a user in PostgreSQL.
To change the password of a PostgreSQL user, you use the ALTER ROLE statement as follows:
Code language: HTML, XML (xml)
ALTER ROLE username WITH PASSWORD 'password'; </code>
In this statement, to change the password of a user:
- First, specify the
usernamewho you want to change the password. - Second, provide the new
passwordwrapped within single quotes (‘).
For example, the following statement changes the password of the super user to secret123.
Code language: SQL (Structured Query Language) (sql)
ALTER ROLE super WITH PASSWORD 'secret123';
Sometimes, you want to set the password valid until a date and time. In this case, you use the VALID UNTIL clause:
Code language: SQL (Structured Query Language) (sql)
ALTER ROLE username WITH PASSWORD 'new_password' VALID UNTIL timestamp;
Note that if you omit the VALID UNTIL clause, the password will be valid for all time.
The following statement sets the expiration date for the password of super user to December 31 2020:
Code language: SQL (Structured Query Language) (sql)
ALTER ROLE super VALID UNTIL 'December 31, 2020';
To verify the result, you can view the detailed information of user:
Code language: SQL (Structured Query Language) (sql)
postgres=# du super; List of roles Role name | Attributes | Member of -----------+---------------------------------------------+----------- super | Superuser, Cannot login +| {} | Password valid until 2020-12-31 00:00:00+07 |
Note that using the ALTER ROLE statement will transfer the password to the server in cleartext. In addition, the cleartext password may be logged in the psql’s command history or the server log.
In this tutorial, you have learned how to change the password of a PostgreSQL user using the ALTER ROLE statement.
Was this tutorial helpful ?
Introduction to Postgres Change Password
In this article, we will learn how we can change the Postgres Change Password of the user if present and if not how we can assign a password to the user for further authenticated usage by him in the PostgreSQL database server. There are two methods to do so. The first method involves using the ALTER query statement to change the password and the second method is to use the meta-command password in PostgreSQL’s psql utility.
To proceed with changing the password process, we first need to understand how password mechanism works in PostgreSQL and what password policy is set to the default superuser which is most often user named Postgres.
In any Unix distribution system of PostgreSQL, there are two types of authentication methods namely ident and peer. The default authentication method depends on which version of PostgreSQL does it use and how is PostgreSQL installed on your machine.
Ident Authentication method: In this method, TCP port with 113 as port number authenticates the user’s credentials where the identification server of the operating system is running.
Peer Authentication Method: In the peer authentication method, the current user’s password of PostgreSQL is matched with the password of the operating system user’s password.
Syntax
Format 1:
ALTER USER name [ [ WITH ] option [ ... ] ] where option can be:
CREATEDB | NOCREATEDB
| CREATEUSER | NOCREATEUSER
| [ ENCRYPTED | UNENCRYPTED ] PASSWORD 'newPassword'
| VALID UNTIL 'expirytime'
Explanation: Using the above alter command the password of the user can be changed and along with that other options can also be reassigned.
Name: It is the name of the user or role whose properties or password you want to change.
Option: We can change multiple parameters and privileges associated with the user using this format.
CREATEDB: This can be specified if you want to give the privilege to the user to create a new database
NOCREATEDB: This can be mentioned if you want to restrict the user from creating any new database.
CREATEUSER: This property can be specified to allow the user to create new users.
NOCREATEUSER: When this property is mentioned in the query in the above format the user won’t be able to create new users.
ENCRYPTED: This property determines whether the password stored in the pg_catalog’s pg_shadow table is stored in the form of an MD5 encrypted format.
UNENCRYPTED: The password is not stored in encrypted format in pg_catalog. If neither ENCRYPTED or UNENCRYPTED property is specified and neither this is done while user creation then the default password storing mechanism is decided based on password_encryption configuration variable.
PASSWORD: The new password is the string that you want to set as the password for the user. If this field is not specified and the user doesn’t have any previously set password to it then no authentication will be done for the user and the user can log in to the system without mentioning the password. But in case if you switch to a password authentication system then the user won’t be able to log in.
VALID UNTIL expiry time: This field can be used if you want to allow the set password up to some specific period. This field if the timestamp up to which you want to permit the assigned password to work.
Examples to Implement Postgres Change Password
Below are examples mentioned:
Example #1
We will firstly login to the system by Postgres default user. Here we have assigned a password to the Postgres role already. So, we will enter the password.
Code:
sudo su - postgres
Output:
Example #2
Further, let us check all the users which are present in the database server by firing the command using psql promo:
Code:
select username from pg_catalog.pg_user;
Output:
Example #3
Let us try to login using a user:
Code:
sudo su – a;
Output:
Example #4
As we have forgotten the password associated to that user assigned to it while its creation, we will reset it to pay by using the format 1 ALTER USER query in the following way:
Code:
ALTER USER a WITH ENCRYPTED PASSWORD 'payal';
Output:
As the output is ALTER ROLE. The password has been reset successfully.
Format 2:
ALTER USER name RENAME TO alteredName
This format is only used to alter the name of the user to some other name “alteredName”.
Example #5
Code:
ALTER USER a RENAME TO payal;
Output:
Example #6
Let us verify the available users in our database server now.
Code:
SELECT usename FROM pg_catalog.pg_user;
Output:
Example #7
Code:
ALTER USER name SET parameter { TO | = } { targetValue | DEFAULT }
the parameter can be any configuration property of PostgreSQL. You can see all the configuration properties by firing the command
SHOW ALL;
Output:
Example #8
ALTER USER name RESET parameter
This command is used to reset the value of any field related to the user. Example –
Now, in case if we want to reset the password of the payal user. we can do so by using the query statement :
Code:
ALTER USER payal RESET password;
Output:
That gives the output “ALTER ROLE” which means that password for payal user has been reset successfully.
Example #9
MetaCommand to change password: In PostgreSQL, we have this amazing functionality called meta-commands that can be used with the help of psql utility. MetaCommands are short commands which are provided to make the working
of database administrator easy and efficient. These metacommands internally fire the SQL commands which are basic like ALTER, CREATE, SELECT, etc. One such meta-command for changing the password of the user is available and named password. It asks to enter the password and then reenter the password for confirmation and then sets the entered password for that user.
password
Let us check the working of metacommand with the help of an example. Suppose we want to change the password of Postgres user after login to the Postgres database. Then we will query for the same in the following steps:
Code:
psql -d postgres -U postgres
password
Output:
Conclusion
We can change the password of the user either by using the ALTER command or metacommand password in PostgreSQL.
Recommended Articles
This is a guide to Postgres Change Password. Here we discuss an introduction to Postgres Change Password, syntax, examples with code and output. You can also go through our other related articles to learn more –
- PostgreSQL Database
- PostgreSQL Trunc()
- PostgreSQL cluster
- PostgreSQL Functions
Improve Article
Save Article
Improve Article
Save Article
In this article, we will look into the step-by-step process of resetting the Postgres user password in case the user forgets it.
PostgreSQL uses the pg_hba.conf configuration file stored in the database data directory (e.g., C:Program FilesPostgreSQL12data on Windows) and is used to handle user authentication. The hba in pg_hba.conf means host-based authentication.
As resetting the password requires modification in the pg_hba.conf file, you will need to login to the Postgres role without any password.
Follow the below steps to reset a password for the postgres user:
- Step 1: Create a backup of the pg_hba.conf file by copying it to a different location or just rename it to pg_hba.conf.bk
- Step 2: Now change the pg_hba.conf file by making all local connections from md5 to trust. This will help you to log in to the PostgreSQL database server without using a password.
# TYPE DATABASE USER ADDRESS METHOD # IPv4 local connections: host all all 127.0.0.1/32 trust # IPv6 local connections: host all all ::1/128 trust # Allow replication connections from localhost, by a user with the # replication privilege. host replication all 127.0.0.1/32 trust host replication all ::1/128 trust
- Step 3: Now restart the PostgreSQL server. On a Windows machine, you can restart the PostgreSQL from Services.
Or use the below command from the window terminal:
pg_ctl -D "C:Program FilesPostgreSQL12data" restart
The “C:Program FilesPostgreSQL12data” is the data directory.
- Step 4: Finally connect to the PostgreSQL database server using any tool such as psql or pgAdmin(In pgAdmin, press ok while it prompts you to enter the password without entering anything in the field.):
psql -U postgres
At this stage, you will not be asked for any authentication.
- Step 5: Use the below command to set a new password for the postgres user.
ALTER USER postgres WITH PASSWORD 'new_password';
This will change the user’s password as shown below:
- Step 6:Now restart the PostgreSQL database server. At this stage, you can connect to the PostgreSQL database server with the new password.
Follow the above steps to successfully reset the Postgres password and do not forget to restore the pg_hba.conf file after the reset to successfully store the credentials for future verification.
Contents
- 1 Introduction
- 2 The Command Prompt Way
- 3 Using pgAdmin to Graphically Reset the Password
- 4 In Closing
Introduction
How to change postgres account password? In case of forgotten password, hence unable to access the database management GUI. This is my experience when using Windows. It might be the same with other operating system.
The Command Prompt Way
First let me put a note using command prompt technique. The GUI technique is much simpler and presented later in this same writeup.
To do this using command prompt. It is good to know that in windows there will be 2 account. One is postgres windows user account. The other is database admin account. Which is also called postgres.
- Edit E:PostgreSQL9.1pg_hba.conf and set the localhost method to trust instead of md5.
Do not forget to save. - Use the usual Windows way to reset the password of windows user account.
- Open up a command prompt and use runas to open another command prompt as postgres user.
- open up Services manager and restart postgresql service. There might be need to update the postgres user account password setting in the service property at this step.
- Now running psql will not ask any password.
- Use the following sql to set the user password
ALTER USER Postgres WITH PASSWORD ‘<newpassword>’
- Revert the pg_hba.conf localhost method back to md5 .
- Restart postgresql service in Services manager.
Using pgAdmin to Graphically Reset the Password
This is simpler and I would say faster. Just accidentally found that if pg_hba.conf localhost method is set to trust. There is no need to enter password when connecting to the database using pgAdmin.
Some of the step are similar to when using command prompt technique.
1. Edit E:PostgreSQL9.1pg_hba.conf and set the localhost method to trust instead of md5. Do not forget to save.
2. Open up Services manager and restart postgresql service.
3. Run pgAdmin and connect to the database. Note that it will not ask the password since we are in the trust mode.
4. Scroll down to look for postgres database user under Login Roles and open up the properties windows.
5. Surprisingly there is a tab named Definition that allow for password change. Do the necessary!
6. After this is done, revert back changes to pg_hba.conf file to md5 and restart the postgresql service in Services manager.
7. You should be able to connect to the database. This time using the new password!
In Closing
I learn the hard way about not writing up this stuff earlier. Wasting time looking for good tutorial on how to do this 