Re: sunsetting md5 password support - Mailing list pgsql-hackers

From Nathan Bossart
Subject Re: sunsetting md5 password support
Date
Msg-id Zz1BeHjbHECYENmO@nathan
Whole thread Raw
In response to Re: sunsetting md5 password support  (Greg Sabino Mullane <htamfids@gmail.com>)
Responses Re: sunsetting md5 password support
List pgsql-hackers
On Tue, Nov 19, 2024 at 07:29:27PM -0500, Greg Sabino Mullane wrote:
> I just took a fresh look at / compiled this patch, and it all works as
> advertised. My one minor nit is this hint:
> 
> HINT:  Refer to the PostgreSQL documentation for details about migrating to
> another password type.
> 
> We don't really have that in the docs, as near as I can tell, the closest
> is 20.5 which says "make all users set new passwords, and change the
> authentication method specifications in pg_hba.conf to scram-sha-256."
> Maybe that's enough?

That was my initial thinking.  I think we have a few other options:

* Expand the documentation.  Perhaps we could add a step-by-step guide for
  migrating to SCRAM-SHA-256 since more users will need to do so when MD5
  password support is removed.
* Remove the hint.  It's arguably doing little more than pointing out the
  obvious, and it doesn't actually tell users where in the documentation to
  look for this information, anyway.
* Both of the above.

WDYT?

-- 
nathan



pgsql-hackers by date:

Previous
From: Greg Sabino Mullane
Date:
Subject: Re: Proposals for EXPLAIN: rename ANALYZE to EXECUTE and extend VERBOSE
Next
From: Tom Lane
Date:
Subject: Re: Converting SetOp to read its two inputs separately