Re: [Patch] Mention md5 is deprecated in postgresql.conf.sample

Michael Banck <mbanck@gmx.net>

From: Michael Banck <mbanck@gmx.net>
To: Robert Treat <rob@xzilla.net>
Cc: Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2025-11-15T14:55:39Z
Lists: pgsql-hackers
Hi,

On Sat, Nov 15, 2025 at 09:37:37AM -0500, Robert Treat wrote:
> +1 to the general idea, though I think it should go the other way
> around (it is a small enough grammatical point I'm sure some would
> argue the other way around).
> 
> # password_encryption = scram-sha-256 # scram-sha-256 or md5 (deprecated)

I thought about that, but then wondered whether people would think the
whole thing (password_encryption) is deprecated or maybe both
scram-sha-256 and md5?

> Also +1 for backpatching. IIRC this would only show up in new
> clusters, but we're still pretty early on in the cycle, so it seems
> worth it.

Yeah.


Michael