Greeting, When I install postgres it created default user with username/password = postgres. Lets say I want to deploy to use the database in production. I cant leave the default user like that ,because everyone would be able to log in to my database(people know about this default user).Of course I can restrict the ip from server,but I think its not a good idea.
What should I do. Should I DELETE DEFAULT USER? Should I leave default user,but CHANGE THE PASSWORD?
Answer
Good options are:
Change or clear the password.
Disable logins as
postgres:ALTER ROLE postgres NOLOGIN;
That second option requires that you either have another superuser or that there is a role that can become
postgreswithSET ROLE:CREATE ROLE admin LOGIN NOINHERIT IN GROUP postgres;