From cf89ec0757cdb5a9df7488379fb97fd8feeaf2d2 Mon Sep 17 00:00:00 2001 From: Michael Banck Date: Fri, 14 Nov 2025 11:38:45 +0100 Subject: [PATCH v2] Mention that md5-hashed passwords are deprecated in sample postgresql.conf. Version 18 deprecates passwords hashed with password_encryption = 'md5', but the comments for this GUC in postgresql.conf.sample did not mention this. Adding a deprecation notice here might make more people aware of this and lead them to migrate to SCRAM. While at, add a comment to the md5_password_warnings GUC mentioning the MD5 deprecation there as well. --- src/backend/utils/misc/postgresql.conf.sample | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/backend/utils/misc/postgresql.conf.sample b/src/backend/utils/misc/postgresql.conf.sample index 08bcef50c19..5bfb0d8e297 100644 --- a/src/backend/utils/misc/postgresql.conf.sample +++ b/src/backend/utils/misc/postgresql.conf.sample @@ -94,9 +94,9 @@ # - Authentication - #authentication_timeout = 1min # 1s-600s -#password_encryption = scram-sha-256 # scram-sha-256 or md5 +#password_encryption = scram-sha-256 # scram-sha-256 or (deprecated) md5 #scram_iterations = 4096 -#md5_password_warnings = on +#md5_password_warnings = on # display md5 deprecation warnings? #oauth_validator_libraries = '' # comma-separated list of trusted validator modules # GSSAPI using Kerberos -- 2.39.5