Re: password_encryption, default and 'plain' support
Magnus Hagander <magnus@hagander.net>
From: Magnus Hagander <magnus@hagander.net>
To: Michael Paquier <michael.paquier@gmail.com>
Cc: Heikki Linnakangas <hlinnaka@iki.fi>,
pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2017-05-03T12:57:26Z
Lists: pgsql-hackers
On Wed, May 3, 2017 at 2:25 PM, Michael Paquier <michael.paquier@gmail.com> wrote: > On Wed, May 3, 2017 at 8:38 PM, Magnus Hagander <magnus@hagander.net> > wrote: > > On Wed, May 3, 2017 at 1:31 PM, Heikki Linnakangas <hlinnaka@iki.fi> > wrote: > >> In various threads on SCRAM, we've skirted around the question of > whether > >> we should still allow storing passwords in plaintext. I've avoided > >> discussing that in those other threads, because it's been an orthogonal > >> question, but it's a good question and we should discuss it. > >> > >> So, I propose that we remove support for password_encryption='plain' in > >> PostgreSQL 10. If you try to do that, you'll get an error. > > > > Is there any usecase at all for it today? > > For developers running applications on top of Postgres? > I don't get it. How does password_encryption=plain help them? -- Magnus Hagander Me: https://www.hagander.net/ <http://www.hagander.net/> Work: https://www.redpill-linpro.com/ <http://www.redpill-linpro.com/>
Commits
-
Remove support for password_encryption='off' / 'plain'.
- eb61136dc75a 10.0 landed