Client authentication is controlled by a configuration file, which traditionally is named pg_hba.conf and is stored in the database cluster's data directory(default is /usr/local/pgsql/data). If you are on Macintosh or Linux, default pg_hba.conf setting allows the server to accept any connections from the local machine without client authentication.
In order to make password authentication effective, edit the following portion of the pg_hba.conf file from
# "local" is for Unix domain socket connections only local all all trust # IPv4 local connections: host all all 127.0.0.1/32 trust # IPv6 local connections: host all all ::1/128 trust
to
# "local" is for Unix domain socket connections only local all all md5 # IPv4 local connections: host all all 127.0.0.1/32 md5 # IPv6 local connections: host all all ::1/128 md5
After editing the file, type in the terminal as follows to make the new setting effective.
/usr/local/pgsql/bin/pg_ctl -D /usr/local/pgsql/data reload