Re: sunsetting md5 password support
| От | Bruce Momjian |
|---|---|
| Тема | Re: sunsetting md5 password support |
| Дата | |
| Msg-id | ZwhBKeNztHPj0Rzg@momjian.us обсуждение исходный текст |
| Ответ на | Re: sunsetting md5 password support (Jelte Fennema-Nio <postgres@jeltef.nl>) |
| Ответы |
Re: sunsetting md5 password support
|
| Список | pgsql-hackers |
On Wed, Oct 9, 2024 at 10:30:15PM +0200, Jelte Fennema-Nio wrote: > On Wed, 9 Oct 2024 at 21:55, Nathan Bossart <nathandbossart@gmail.com> wrote: > > In this message, I propose a multi-year, incremental approach to remove MD5 > > password support from Postgres. > > +many for the general idea > > I think it makes sense to also remove the "password" authentication > option while we're at it (this can currently be used with SCRAM stored > passwords). I remember "password" as being recommended for SSL connections where there is no risk of the password contents being seen. -- Bruce Momjian <bruce@momjian.us> https://momjian.us EDB https://enterprisedb.com When a patient asks the doctor, "Am I going to die?", he means "Am I going to die soon?"
В списке pgsql-hackers по дате отправления: