Re: Defaulting to password_encryption = scram-sha-256

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Michael Paquier <michael(at)paquier(dot)xyz>
Cc: Andres Freund <andres(at)anarazel(dot)de>, pgsql-hackers(at)postgresql(dot)org, Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, Michael Paquier <michael(dot)paquier(at)gmail(dot)com>
Subject: Re: Defaulting to password_encryption = scram-sha-256
Date: 2018-10-07 15:37:20
Message-ID: 18454.1538926640@sss.pgh.pa.us
Lists: pgsql-hackers

Michael Paquier <michael(at)paquier(dot)xyz> writes:
> On Sat, Oct 06, 2018 at 11:43:06PM -0700, Andres Freund wrote:
>> Now that we probably have shaken the worst issues out of scram,
>> shouldn't we change the default password_encryption to something that
>> doesn't scare people? The only reason I could think of not wanting to
>> do that for is that we don't necessarily guarantee that we have a strong
>> random generator, but if that's the issue, we should change initdb to
>> default it to something safe if the platform provides something. Which
>> is just about any sane one, no?

> In short, +1.

> The random function issue would apply to any platform in need of
> --disable-strong-random, but this applies mainly to some old HP-UX stuff
> if my memory serves me well, so I'd like to think that we should be safe
> to just switch the default and not complicate initdb.

Yeah, I don't see why that should affect anything. SCRAM with a poor
random function is probably still better than MD5.

As I recall, the reason for not defaulting to SCRAM right away had
nothing to do with that; it was worry about how many clients would
get locked out for lack of SCRAM support. But the list at
https://wiki.postgresql.org/wiki/List_of_drivers
looks pretty positive, and another year would probably be enough
to give the stragglers time to catch up ... especially if they know
this is coming.

regards, tom lane
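
For reference, the two stored-password formats this message compares, as an added example that is not part of the original mail or of PostgreSQL's source. The function names, the sample role and password, and the constant salt are constructed for illustration, and the password is assumed to be ASCII so that SASLprep normalization can be skipped.

```python
import base64
import hashlib
import hmac

def pg_md5_verifier(user: str, password: str) -> str:
    # Legacy format: "md5" + hex(md5(password || role name)).
    # The role name is the only salt; no random input, one hash round.
    return "md5" + hashlib.md5((password + user).encode()).hexdigest()

def pg_scram_verifier(password: str, salt: bytes, iterations: int = 4096) -> str:
    # SCRAM-SHA-256$<iterations>:<salt>$<StoredKey>:<ServerKey>, keys per RFC 5802.
    # Assumption: ASCII password, so SASLprep normalization changes nothing.
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    stored_key = hashlib.sha256(client_key).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()
    enc = lambda raw: base64.b64encode(raw).decode()
    return f"SCRAM-SHA-256${iterations}:{enc(salt)}${enc(stored_key)}:{enc(server_key)}"

def verifier_kind(verifier: str) -> str:
    # Classify a stored verifier string by its format.
    if verifier.startswith("SCRAM-SHA-256$"):
        return "scram-sha-256"
    hexpart = verifier[3:]
    if verifier.startswith("md5") and len(hexpart) == 32 and all(
            c in "0123456789abcdef" for c in hexpart):
        return "md5"
    return "unknown"

def check_password(user: str, password: str, verifier: str) -> bool:
    # Recompute the verifier from the candidate password and compare.
    kind = verifier_kind(verifier)
    if kind == "md5":
        return hmac.compare_digest(pg_md5_verifier(user, password), verifier)
    if kind == "scram-sha-256":
        try:
            iterations, salt_b64 = verifier.split("$")[1].split(":")
            salt = base64.b64decode(salt_b64)
            expected = pg_scram_verifier(password, salt, int(iterations))
        except ValueError:  # malformed parameters, bad base64, bad count
            return False
        return hmac.compare_digest(expected, verifier)
    return False

if __name__ == "__main__":
    # Constructed sample role and password, with a deliberately constant salt.
    weak_salt = bytes(16)
    print(pg_md5_verifier("alice", "s3cret"))
    print(pg_scram_verifier("s3cret", weak_salt))
```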
