Home > mailing lists

Re: [HACKERS] Changing references of password encryption to hashing - Mailing list pgsql-hackers

From	Robert Haas
Subject	Re: [HACKERS] Changing references of password encryption to hashing
Date	November 30, 2023 20:16:01
Msg-id	CA+TgmoYLs3RsN_i_PEnS6MsRJvY_Cy=f+W7Yx=dQkDQXEKHBhQ@mail.gmail.com Whole thread Raw
In response to	Re: [HACKERS] Changing references of password encryption to hashing (Nathan Bossart <nathandbossart@gmail.com>)
List	pgsql-hackers

Tree view

On Wed, Nov 29, 2023 at 5:02 PM Nathan Bossart <nathandbossart@gmail.com> wrote:
> On Wed, Nov 29, 2023 at 04:02:11PM -0500, Robert Haas wrote:
> > I'd fully support having good documentation that says "hey, here are
> > the low security authentication configurations, here are the
> > medium-security ones, here are the high security ones, and here's why
> > these ones are better than those ones and what they protect against
> > and what risks remain." That would be awesome.
>
> +1.  IMO the "Password Authentication" section [0] does this pretty well
> already.

That's limited to just the password-based methods, though, so some
broader discussion of the whole suite of available techniques could be
useful. It does call out the known weaknesses of the md5 and password,
though, which is good.

--
Robert Haas
EDB: http://www.enterprisedb.com

pgsql-hackers by date:

From: "Andrey M. Borodin"
Date: 30 November 2023, 20:06:11
Subject: Re: Transaction timeout

From: Matthias van de Meent
Date: 30 November 2023, 20:47:39
Subject: Re: Parallel CREATE INDEX for BRIN indexes

Re: [HACKERS] Changing references of password encryption to hashing - Mailing list pgsql-hackers

Previous

Next