ALTER ROLE… IDENTIFIED BY v10
ALTER ROLE -- change the password associated with a database role.
A role without the
CREATEROLE privilege may use this command to change their own password. An unprivileged role must include the
REPLACE clause and their previous password if
PASSWORD_VERIFY_FUNCTION is not
NULL in their profile. When the
REPLACE clause is used by a non-superuser, the server will compare the password provided to the existing password and raise an error if the passwords do not match.
A database superuser can use this command to change the password associated with any role. If a superuser includes the
REPLACE clause, the clause is ignored; a non-matching value for the previous password will not throw an error.
If the role for which the password is being changed has the
SUPERUSER attribute, then a superuser must issue this command. A role with the
CREATEROLE attribute can use this command to change the password associated with a role that is not a superuser.
The name of the role whose password is to be altered.
The role’s new password.
The role’s previous password.
To change a role’s password: