PostgreSQL error: password authentication failed for user

psql: error: connection to server at "localhost" (127.0.0.1), port 5432 failed: FATAL:  password authentication failed for user "app_user"

You reached the server, pg_hba.conf selected a password-based authentication method for this connection, and the password check failed. The client message is deliberately vague; the server log usually says more.

What this error means

The client is told only "authentication failed" — that's intentional, to avoid leaking information to attackers. The server log, however, records the underlying reason at the same timestamp: the role having no password assigned, the password not matching, or the stored password format not being usable with the authentication method pg_hba.conf demands.

That last one deserves a word: passwords are stored hashed, using the algorithm that password_encryption had when the password was set (scram-sha-256 on modern versions, md5 historically). Changing password_encryption or the pg_hba method does not convert existing stored passwords — mismatches surface as failed logins for passwords that are "definitely right".

Common causes

How to diagnose it

How to fix it

🔍 The neighbouring failure: no pg_hba.conf entry for host — when no rule matches the connection at all.