>> So, dropping plaintext password authentication support from libpq will
>> make it impossible for users to use the former method.
>
> Yes, just like dropping support for md5 would make it impossible for
> users to have their passwords be hashed with md5, which is an altogether
> good thing considering how easy it is to brute-force md5 these days.
I still don't understand why using plaintex password authentication
over SSL connection is considered insecure. Actually we have been
stating opposite in the manual:
https://www.postgresql.org/docs/14/auth-password.html
"If the connection is protected by SSL encryption then password can be
used safely, though."
Best reagards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp
