Re: [HACKERS] Changing references of password encryption to hashing - Mailing list pgsql-hackers

From Nathan Bossart
Subject Re: [HACKERS] Changing references of password encryption to hashing
Date
Msg-id 20231129220157.GA1260955@nathanxps13
Whole thread Raw
In response to Re: [HACKERS] Changing references of password encryption to hashing  (Robert Haas <robertmhaas@gmail.com>)
Responses Re: [HACKERS] Changing references of password encryption to hashing
List pgsql-hackers
On Wed, Nov 29, 2023 at 04:02:11PM -0500, Robert Haas wrote:
> I'd fully support having good documentation that says "hey, here are
> the low security authentication configurations, here are the
> medium-security ones, here are the high security ones, and here's why
> these ones are better than those ones and what they protect against
> and what risks remain." That would be awesome.

+1.  IMO the "Password Authentication" section [0] does this pretty well
already.

[0] https://www.postgresql.org/docs/devel/auth-password.html

-- 
Nathan Bossart
Amazon Web Services: https://aws.amazon.com



pgsql-hackers by date:

Previous
From: Nathan Bossart
Date:
Subject: optimize atomic exchanges
Next
From: Matthias van de Meent
Date:
Subject: Re: Parallel CREATE INDEX for BRIN indexes