Re: password_encryption default
| От | Magnus Hagander |
|---|---|
| Тема | Re: password_encryption default |
| Дата | |
| Msg-id | CABUevExw+eFK0Hmw3n2Q9bSY3-K0joo3UyRTeXm13UJsAsVdfA@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: password_encryption default (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: password_encryption default
|
| Список | pgsql-hackers |
On Fri, May 22, 2020 at 4:13 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
Peter Eisentraut <peter.eisentraut@2ndquadrant.com> writes:
> We didn't get anywhere with making the default authentication method in
> a source build anything other than trust. But perhaps we should change
> the default for password_encryption to nudge people to adopt SCRAM?
> Right now, passwords are still hashed using MD5 by default, unless you
> specify scram-sha-256 using initdb -A or similar.
I think what that was waiting on was for client libraries to become
SCRAM-ready. Do we have an idea of the state of play on that side?
If the summary table on the wiki at https://wiki.postgresql.org/wiki/List_of_drivers is to be trusted, every listed driver except Swift does.
В списке pgsql-hackers по дате отправления: