Two great questions here I wanted to take the time to answer:
Wildebeest wrote:Is a postgres database stored online and not on hard-disk? where is it stored?
Your database is stored locally on YOUR hard drive. In fact, if you installed this using the default settings, your database is located in c:/Program Files/postgreSQL/8.x/data/base/.
Wildebeest wrote:Is my database...secure online? does it need a username and password? can others access it? can others edit it?
Your data is semi secure as is. The data is encrypted to the database (no one could just grab a copy of your database and read its contents), and the server will not respond to anyone except your local computer (I can't query it directly from any other computer). How secure is this? How secure do you keep the rest of your computer?
The only way to gain access to your postgresql server without having to know the password is to be on your computer and query the database. Anywhere else, well, the server will ignore them because you told the server to only talk to your computer. A hacker, if they really wanted your data would have to setup some sort of bot on your computer to then mine the data out of your server and send it back to him (where ever he is)... Much too much work for the reward.
Now, if you have a database which is networked (ie, you are hitting it from more than one computer, especially if the computer is OUTSIDE your local network), then security needs to be tight. DO NOT SET ANYONE TO TRUST in that situation as its just not a good idea. I am one of these people because I will sometimes be away from home, but wanna play poker on the laptop, so I have it hit the server from wherever and so I have access to stats and can update stats too while playing.
In a situation like described above, I do not use the default password for postgresql, and I have other usernames setup for access so that postgres is only used to maintenance the server itself. Hope this helps.
~ Thomas
[Pokertracker support]
