Defaulting to password_encryption = scram-sha-256

From: Andres Freund <andres(at)anarazel(dot)de>
To: pgsql-hackers(at)postgresql(dot)org, Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, Michael Paquier <michael(dot)paquier(at)gmail(dot)com>
Subject: Defaulting to password_encryption = scram-sha-256
Date: 2018-10-07 06:43:06
Message-ID: 20181007064306.i6ensyhb4uhuyfbe@alap3.anarazel.de
Lists: pgsql-hackers

Hi,

Now that we probably have shaken the worst issues out of scram,
shouldn't we change the default password_encryption to something that
doesn't scare people? The only reason I could think of for not wanting to
do that is that we don't necessarily guarantee that we have a strong
random generator, but if that's the issue, we should change initdb to
default it to something safe if the platform provides something. Which
is just about any sane one, no?

Greetings,

Andres Freund
