Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Learning PostgreSQL 10

You're reading from   Learning PostgreSQL 10 A beginner's guide to building high-performance PostgreSQL database solutions

Arrow left icon
Product type Paperback
Published in Dec 2017
Publisher
ISBN-13 9781788392013
Length 488 pages
Edition 2nd Edition
Languages
Arrow right icon
Authors (2):
Arrow left icon
Andrey Volkov Andrey Volkov
Author Profile Icon Andrey Volkov
Andrey Volkov
Salahaldin Juba Salahaldin Juba
Author Profile Icon Salahaldin Juba
Salahaldin Juba
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Preface 1. Relational Databases FREE CHAPTER 2. PostgreSQL in Action 3. PostgreSQL Basic Building Blocks 4. PostgreSQL Advanced Building Blocks 5. SQL Language 6. Advanced Query Writing 7. Server-Side Programming with PL/pgSQL 8. OLAP and Data Warehousing 9. Beyond Conventional Data Types 10. Transactions and Concurrency Control 11. PostgreSQL Security 12. The PostgreSQL Catalog 13. Optimizing Database Performance 14. Testing 15. Using PostgreSQL in Python Applications 16. Scalability

Encrypting data


By default, PostgreSQL internally encrypts sensitive data, such as roles' passwords. However, database users can also encrypt and decrypt sensitive data using the pgcrypto extension.

PostgreSQL role password encryption

When creating a role with password and login options, one can see the role's details in the pg_shadow catalog relation. Note that it is not recommended to use the following format to create the password:

CREATE ROLE <role_name> <with options> PASSWORD 'some_password';

The CREATE ROLE statement can appear in pg_stat_activity as well as the server logs, as follows:

postgres=# SELECT query FROM pg_stat_activity;
                query 
--------------------------------------


 SELECT query FROM pg_stat_activity;
 create role c password 'c';

All passwords stored in pg_shadow are encrypted with salt; finally, renaming an account will rest the password as follows:

postgres=# ALTER ROLE a RENAME TO b;
NOTICE: MD5 password cleared because of role rename

When creating...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime