Home > mailing lists

Re: [Patch] Mention md5 is deprecated in postgresql.conf.sample - Mailing list pgsql-hackers

From	Daniel Gustafsson
Subject	Re: [Patch] Mention md5 is deprecated in postgresql.conf.sample
Date	November 14 14:53:41
Msg-id	E6E0577D-7143-46AE-8A47-90762BDE0CC2@yesql.se Whole thread Raw
In response to	[Patch] Mention md5 is deprecated in postgresql.conf.sample (Michael Banck <mbanck@gmx.net>)
Responses	Re: [Patch] Mention md5 is deprecated in postgresql.conf.sample
List	pgsql-hackers

Tree view

> On 14 Nov 2025, at 11:47, Michael Banck <mbanck@gmx.net> wrote:

> while looking through postgresql.conf on PG18, I noticed that
> password_encryption mentions md5 as valid alternative to scram-sha-256.
> I think it would be useful to mention md5 is deprecated so that people
> looking at it (but have otherwise not gotten the memo) will realize and
> hopefully act on it.

No objection.  I suspect the overlap between users who don't read release notes
and users who read .conf.sample comments closely is pretty small, but it
certainly won't hurt.

-#password_encryption = scram-sha-256    # scram-sha-256 or md5
+#password_encryption = scram-sha-256    # scram-sha-256 or (deprecated) md5
 #scram_iterations = 4096
 #md5_password_warnings = on

Maybe this should be combined with a comment on md5_password_warnings as well?

--
Daniel Gustafsson

pgsql-hackers by date:

From: Ashutosh Bapat
Date: 14 November, 14:53:21
Subject: Re: Changing shared_buffers without restart

From: Andrey Borodin
Date: 14 November, 15:11:50
Subject: Re: IPC/MultixactCreation on the Standby server

Re: [Patch] Mention md5 is deprecated in postgresql.conf.sample - Mailing list pgsql-hackers

Previous

Next