Password for crate user

#1

Hi Team,

The page here mentions that the built-in superuser crate has no password and it is not possible to set a new password for this user.

This essentially means that anyone can access any resource bypassing the privileges set for different groups by simply using crate user without any password. I even tried to DENY all privileges on a schema to crate user but it was not allowed to change the privileges of a superuser.

Please could you share the recommended practice on securing the data.

Thanks,
Ritwick

#2

Hi @ritwick!

Did you check this article on authentification: https://crate.io/docs/crate/reference/en/latest/admin/auth/hba.html

Best
Roman