Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> writes: > We didn't get anywhere with making the default authentication method in > a source build anything other than trust. But perhaps we should change > the default for password_encryption to nudge people to adopt SCRAM? > Right now, passwords are still hashed using MD5 by default, unless you > specify scram-sha-256 using initdb -A or similar.
I think what that was waiting on was for client libraries to become SCRAM-ready. Do we have an idea of the state of play on that side?