From d8f476363f393b12232b4a973cbfffbbac25fc0a Mon Sep 17 00:00:00 2001 From: Michael Banck Date: Fri, 14 Nov 2025 11:38:45 +0100 Subject: [PATCH] Mention that md5-hashed passwords are deprecated in sample postgresql.conf. Version 18 deprecates passwords hashed with password_encryption = 'md5', but the comments for this GUC in postgresql.conf.sample did not mention this. Adding a deprecation notice here might make more people aware of this and lead them to migrate to SCRAM. --- src/backend/utils/misc/postgresql.conf.sample | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/backend/utils/misc/postgresql.conf.sample b/src/backend/utils/misc/postgresql.conf.sample index 08bcef50c19..4f09ddd82e3 100644 --- a/src/backend/utils/misc/postgresql.conf.sample +++ b/src/backend/utils/misc/postgresql.conf.sample @@ -94,7 +94,7 @@ # - Authentication - #authentication_timeout = 1min # 1s-600s -#password_encryption = scram-sha-256 # scram-sha-256 or md5 +#password_encryption = scram-sha-256 # scram-sha-256 or (deprecated) md5 #scram_iterations = 4096 #md5_password_warnings = on #oauth_validator_libraries = '' # comma-separated list of trusted validator modules -- 2.39.5