Re: encrypted passwords

Bruce Momjian <pgman@candle.pha.pa.us> writes:
> It also allowed auto-migration to encrypted passwords from an old dump
> file.

Ah, right, that was it: we wanted to be able to have a pg_dumpall script
containing a mix of crypted and noncrypted passwords in CREATE USER
commands be loaded either as-is, or have all the passwords forced to
crypted form, depending on the setting of password_encryption.  So we
didn't really want the CREATE USER commands in the script to say exactly
what to do.  Therefore, in the design as released the CREATE USER
commands emitted by pg_dumpall don't actually say either ENCRYPTED or
UNENCRYPTED.  We didn't see a need for ALREADY_CRYPTED either,
figuring that it would actually be more reliable to deduce that by
looking at the data than by having a separate flag for it.
        regards, tom lane