Avoiding hardcoding your password
We can all agree that hardcoding your password is a bad idea. This recipe shows you how to keep your password in a secure password file.
Getting ready
Not all database users need passwords; some databases use other means of authentication. Don't perform this step unless you know you will be using password authentication and you know your password.
First, remove the hardcoded password from where you set it previously. Completely remove the password = xxxx
 text from the connection string in a program. Otherwise, when you test the password file, the hardcoded setting will override the details you are about to place in the file. Keeping the password hardcoded and in the password file is not any better. Using PGPASSWORD
 is not recommended either, so remove that also.
If you think someone may have seen the password, change your password before placing it in the secure password file.