PostgreSQL offers many options for controlling access, from authentication and log in to the role system and finally the hierarchy of authorization to specific resources. Anyone involved in the administration of PostgreSQL needs to understand these complexities to ensure their system is both robust and secure. Recent versions of PostgreSQL have, again, increased the number of options, added capabilities, and generally given administrators both more freedom and more complexity. We will go through all of the authentication options that PostgreSQL offers, including extremely popular enterprise-wide authentication schemes (Kerberos, LDAP, SSL), then walk through setting up roles following best practices and privilege separation, and finally go through the privilege system from database-level down to column-level.