Re: BUG #15911: Why no Bcrypt in pg_hba.conf?

>>>>> "PG" == PG Bug reporting form <noreply@postgresql.org> writes:

 PG> I see that the encryption methods supported in
 PG> `/etc/postgresql/##/main/pg_hba.conf` are only md5 and sha256.

The supported methods are actually md5 (for historical compatibility)
and SCRAM, which is a better challenge-response protocol than the one we
used to use, using sha256 as the hash algorithm. We do NOT use sha256
as-is as a password hash, SCRAM stores a PBKDF2 result as specified by
the SCRAM protocol definition.

 PG> Can you please add `bcrypt` as method option?

Not unless it gets added to the SCRAM specification.

Note that our primary goal here is to provide a secure and standard
challenge-response authentication mechanism, not to provide random
alternate algorithms for password storage.

-- 
Andrew (irc:RhodiumToad)