Re: PATCH: warn about, and deprecate, clear text passwords
Roberto Mello <roberto.mello@gmail.com>
From: Roberto Mello <roberto.mello@gmail.com>
To: Greg Sabino Mullane <htamfids@gmail.com>
Cc: Nathan Bossart <nathandbossart@gmail.com>,
Robert Haas <robertmhaas@gmail.com>, Tom Lane <tgl@sss.pgh.pa.us>, Isaac Morland <isaac.morland@gmail.com>, Aleksander Alekseev <aleksander@timescale.com>,
pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2025-03-16T15:04:12Z
Lists: pgsql-hackers
On Fri, Mar 14, 2025 at 12:50 PM Greg Sabino Mullane <htamfids@gmail.com> wrote: > I'd rather not sit on this another year, if we can help it. We really > should be warning people about this practice. The exact wording of the hint > can be up for debate (or postponed - we technically don't have to say > anything other than 'bad idea'). > > Having the ability to disable clear text passwords seems an immediate win > for those that want to enable it. Sure, we could be doing more, but I don't > see any of the proposed future changes interfering with this patch. > I agree. This is a clear win that can easily be turned on by packagers/distributors with little consequence to everyone else. My only suggestion would be to have the GUC name be closer to other password-related settings. Looking at the sample file I see password_encryption md5_password_warnings So perhaps something like password_cleartext_action would fit in a little better and make it easier to spot while going through the file. Roberto