Re: Automatic upgrade of passwords from md5 to scram-sha256

"Peter J. Holzer" <hjp-pgsql@hjp.at> writes:
> The web framework Django will automatically and transparently rehash any
> password with the currently preferred algorithm if it isn't stored that
> way already.

Really?  That implies that the framework has access to the original
cleartext password, which is a security fail already.

> Can PostgreSQL do that, too? (I haven't found anything)

No.  The server has only the hashed password, it can't reconstruct
the original.

> If the password for the user is stored as an MD5 hash, the server
> replies to the startup message with an AuthenticationCleartextPassword
> respnse to force the client to send the password in the clear
> (obviously you only want to do that if the connection is TLS-encrypted
> or otherwise safe from eavesdropping).

I think this idea is a nonstarter, TLS or not.  We're generally moving
in the direction of never letting the server see cleartext passwords.
It's already possible to configure libpq to refuse such requests
(see require_auth parameter), although that hasn't been made the
default.

            regards, tom lane