>>>>> "PG" == PG Bug reporting form <noreply@postgresql.org> writes:
PG> I see that the encryption methods supported in
PG> `/etc/postgresql/##/main/pg_hba.conf` are only md5 and sha256.
The supported methods are actually md5 (for historical compatibility)
and SCRAM, which is a better challenge-response protocol than the one we
used to use, using sha256 as the hash algorithm. We do NOT use sha256
as-is as a password hash, SCRAM stores a PBKDF2 result as specified by
the SCRAM protocol definition.
PG> Can you please add `bcrypt` as method option?
Not unless it gets added to the SCRAM specification.
Note that our primary goal here is to provide a secure and standard
challenge-response authentication mechanism, not to provide random
alternate algorithms for password storage.
--
Andrew (irc:RhodiumToad)