> 1.-By checking the CommLog box on the driver, 'psqlodb.log' is created with the password listed there. So some clever
usercan just go and tamper with the driver and he'll find a way into the database.
> Can this be prevented?
When configuring the ODBC driver, do not fill in the database, server,
username, password fields and uncheck the log option (I can't remember
the exact name for this). Setup the database connection string in your
program.
Hope this helps.
>
> 2.- Inside pg_hba.conf, in the record type "host" lines, the USERAUTH options are 'trust','reject','password', etc.
> Is it possible to use the 'crypt' option when connecting via ODBC? What are the proper steps to accomplish this?
>
I'd like to know the answer to this one too.