My software package will install PostGreSQL on the server, and clients will
connect to it with a windows smart client application. What would be the
best way to keep the PostGreSQL usernames and passwords secure?
I will be doing a silent install of the database, and obviously this will
require a service username and password. Should I hardcode the service
username and password? Or should I let the person installing the software
enter their own username and password for the server?
Also, what should I do when it comes to the actual user for the database?
How should I handle these details? This software will be installed on many
different Pc's by many different people.
Can I use OpenSSL to secure communications between the clients and the
server?
Thanks