"Jonathan S. Katz" <jkatz@postgresql.org> writes:
> For now I have left in the password based method to be scram-sha-256 as
> I am optimistic about the support across client drivers[1] (and FWIW I
> have an implementation for crystal-pg ~60% done).
> However, this probably means we would need to set the default password
> encryption guc to "scram-sha-256" which we're not ready to do yet, so it
> may be moot to leave it in.
> So, thinking out loud about that, we should probably use "md5" and once
> we decide to make the encryption method "scram-sha-256" by default, then
> we update the recommendation?
Meh. If we're going to break things, let's break them. Set it to
scram by default and let people who need to cope with old clients
change the default. I'm tired of explaining that MD5 isn't actually
insecure in our usage ...
regards, tom lane
