On Wed, Oct 11, 2017 at 10:33 AM, Scott Marlowe <scott(dot)marlowe(at)gmail(dot)com>
wrote:
> FYI our standard hack here is to run
>
> set log_statement='none';
> alter user ...
>
>
I've seen that suggested in some forums as well. Then you aren't logging
the fact that the password was changed at all. I think you'd still want to
know of the fact that it occurred, but my suggestion is that we shouldn't
be logging the value.
--
Don Seiler
www.seiler.us