How do I activate and change the postgres user's password?

Right now any user on the local machine can log on as postgres to the
template1 database. I don't like that, so I wish to turn on password
checking.

OK so I edit pg_hba.conf and put:

local        all                                         password
host         all         127.0.0.1     255.255.255.255   password

Then I have problems logging in as ANY user. Couldn't figure out what the
default password for the postgres user was. Only after some messing around
I found that I could log on as the postgres user with the password \N. Not
obvious, at least to me.

I only guessed it after looking at the pg_pwd file and noticing a \N there.
Is this where the passwords are stored? By the way should they be stored in
the clear and in a 666 permissions file? How about hashing them with some
salt?

Now the next problem is: How do I change the postgres user password?

I find the package's handling of passwords rather nonintuitive.

1) There is no obvious way to specify the password for users when you
create a user using the supplied shell script createuser. One has to resort
to psql and stuff.
2) Neither is there an obvious and easy way to change the user's password.
3) You can specify a password for a user by using pg_passwd and stick it
into a separate password file, but then there really is no link between
createuser and pg_passwd.

I find the bundled scripts and their associated documentation make things
very nonintuitive when one switches from a blind trust postgres to an
authenticated postgres.

Cheerio,

Link.