Home > mailing lists

Re: password_encryption default - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: password_encryption default
Date	May 22, 2020 17:13:24
Msg-id	25295.1590156804@sss.pgh.pa.us Whole thread Raw
In response to	password_encryption default (Peter Eisentraut <peter.eisentraut@2ndquadrant.com>)
Responses	Re: password_encryption default (Magnus Hagander <magnus@hagander.net>)
List	pgsql-hackers

Tree view

Peter Eisentraut <peter.eisentraut@2ndquadrant.com> writes:
> We didn't get anywhere with making the default authentication method in 
> a source build anything other than trust.  But perhaps we should change 
> the default for password_encryption to nudge people to adopt SCRAM? 
> Right now, passwords are still hashed using MD5 by default, unless you 
> specify scram-sha-256 using initdb -A or similar.

I think what that was waiting on was for client libraries to become
SCRAM-ready.  Do we have an idea of the state of play on that side?

            regards, tom lane

pgsql-hackers by date:

From: Tom Lane
Date: 22 May 2020, 17:11:17
Subject: Re: snowball release

From: Magnus Hagander
Date: 22 May 2020, 17:31:19
Subject: Re: password_encryption default

Re: password_encryption default - Mailing list pgsql-hackers

Previous

Next