You're probably using ident or even trust authentication. A quick synopsis of the most common authentication methods:
trust- You can log in no matter what.ident- You can log in if your UNIX username is the same as the PostgreSQL username.md5- You can log in if your password (encrypted withmd5) is correct.
Edit: PostgreSQL 9.0 introduced the peer authentication method. From what I gather, ident and peer have the same purpose—your login is determined by your operating system username—but ident talks to an ident server listening on port 113, while peer looks up your credentials with a system call. See http://www.postgresql.org/docs/9.1/static/auth-methods.html#AUTH-IDENT
Locate your pg_hba.conf file, and see if you can find something that looks like this:
# TYPE DATABASE USER CIDR-ADDRESS METHOD # "local" is for Unix domain socket connections only local all all ident # IPv4 local connections: host all all 127.0.0.1/32 md5 # IPv6 local connections: host all all ::1/128 md5 When you try to connect, PostgreSQL goes through this line-by-line. If the connection type (e.g. local, host), database, user (database user, not system user), and address all match up, it will use the given authentication method.
If you want to require a password to access your own PostgreSQL user, you could add a line like this at the top, before the local all all ident line:
# TYPE DATABASE USER CIDR-ADDRESS METHOD local mydbname myusername md5 Be sure to restart PostgreSQL after changing pg_hba.conf.