Bruce Momjian <pgman@candle.pha.pa.us> writes:
> I think the script idea may be best but it will have to be saved
> somewhere so once you run it all future password changes are encrypted
> in pg_shadow.
More to the point, how does the postmaster know that it's now dealing
with encrypted passwords and must use the double-salt auth method?
Seems to me that this is not a simple matter of changing the data in one
column of pg_shadow.
The thing I like about a configure option is that when it's in place you
know it's in place. No question of whether some rows of pg_shadow
managed to escape being updated, or any silliness like that. Your point
about "they think they are safe but they are not" seems relevant here.
regards, tom lane