Peter Eisentraut <peter_e@gmx.net> writes:
> Maybe we should provide a backslash command in psql for secure password
> entry, say, \password [username]. This would then ask for the password
> through a somewhat secure, unlogged channel, encrypt it, and send an
> ALTER ROLE command to the server.
Not a bad idea. It'd at least keep the cleartext password firmly on the
client side.
regards, tom lane
