What does 28P01 mean?

Understanding PostgreSQL error 28P01 invalid_password - authentication failed due to incorrect password for the specified user.

Learn how to resolve PostgreSQL Error 28P01 - Invalid Password. Understanding PostgreSQL error 28P01 invalid_password - authentication failed due to incorrect password for the specified user.

PostgreSQL Error 28P01 - Invalid Password

What It Means

PostgreSQL error code 28P01 (invalid_password) means authentication failed because the password provided for the user is incorrect. The error message typically reads: password authentication failed for user "username".

This is different from connection errors — the client successfully reached the PostgreSQL server, but the credentials were rejected.

Common Causes

Wrong password for the database user
User does not exist in PostgreSQL
Password was recently changed
Environment variable has extra whitespace or quotes in the password
Connecting to the wrong PostgreSQL instance
pg_hba.conf authentication method mismatch
Password contains special characters not properly escaped

How to Fix

Reset the user password

# Connect as the postgres superuser
sudo -u postgres psql

# Change the password
ALTER USER myapp WITH PASSWORD 'new_secure_password';

# Or create the user if it doesn't exist
CREATE USER myapp WITH PASSWORD 'new_secure_password';
GRANT ALL PRIVILEGES ON DATABASE mydb TO myapp;

Check pg_hba.conf

# Find pg_hba.conf location
sudo -u postgres psql -c "SHOW hba_file;"

# Edit pg_hba.conf
sudo nano /etc/postgresql/16/main/pg_hba.conf

# pg_hba.conf - common configurations
# TYPE  DATABASE  USER  ADDRESS       METHOD
local   all       all                 peer      # Local connections use OS user
host    all       all   127.0.0.1/32  md5       # Require password for TCP
host    all       all   0.0.0.0/0     scram-sha-256  # Remote with password

# After editing, reload PostgreSQL
# sudo systemctl reload postgresql

Verify connection details

# Test connection
psql -h localhost -U myapp -d mydb -W

# Check if the user exists
sudo -u postgres psql -c "SELECT usename FROM pg_user;"

# Check if the user can connect to the database
sudo -u postgres psql -c "SELECT datname, has_database_privilege('myapp', datname, 'CONNECT') FROM pg_database;"

Fix environment variables

# Check for whitespace or quote issues
echo "'$DATABASE_PASSWORD'"  # Look for extra characters

# Set properly in .env
DATABASE_URL=postgresql://myapp:password@localhost:5432/mydb

# Don't use quotes around values in .env files (depends on the parser)
DB_PASSWORD=my_secure_password    # Good
DB_PASSWORD="my_secure_password"  # May include quotes literally

Application configuration

// Node.js with pg
const { Pool } = require('pg');

const pool = new Pool({
  host: 'localhost',
  port: 5432,
  database: 'mydb',
  user: 'myapp',
  password: process.env.DB_PASSWORD,  // Verify this is set correctly
});

// Or use a connection string
const pool = new Pool({
  connectionString: process.env.DATABASE_URL
});

// Test the connection
pool.query('SELECT 1')
  .then(() => console.log('Connected'))
  .catch(err => console.error('Connection failed:', err.message));

# Python with psycopg2
import psycopg2

try:
    conn = psycopg2.connect(
        host='localhost',
        port=5432,
        dbname='mydb',
        user='myapp',
        password='secure_password'
    )
except psycopg2.OperationalError as e:
    if '28P01' in str(e):
        print("Invalid password. Check your credentials.")
    raise

Docker PostgreSQL

# Docker Compose
services:
  db:
    image: postgres:16
    environment:
      POSTGRES_USER: myapp
      POSTGRES_PASSWORD: secure_password
      POSTGRES_DB: mydb
    ports:
      - "5432:5432"

PostgreSQL 42P01 - Undefined table: Authenticated but the table doesn’t exist.
MySQL 1045 - Access denied: The MySQL equivalent of authentication failure.