Re: Automatic upgrade of passwords from md5 to scram-sha256

Bruce Momjian <bruce@momjian.us>

From: Bruce Momjian <bruce@momjian.us>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: "Peter J. Holzer" <hjp-pgsql@hjp.at>, pgsql-general@postgresql.org
Date: 2025-01-12T23:37:29Z
Lists: pgsql-general
On Sun, Jan 12, 2025 at 05:59:20PM -0500, Tom Lane wrote:
> > If the password for the user is stored as an MD5 hash, the server
> > replies to the startup message with an AuthenticationCleartextPassword
> > respnse to force the client to send the password in the clear
> > (obviously you only want to do that if the connection is TLS-encrypted
> > or otherwise safe from eavesdropping).
> 
> I think this idea is a nonstarter, TLS or not.  We're generally moving
> in the direction of never letting the server see cleartext passwords.
> It's already possible to configure libpq to refuse such requests
> (see require_auth parameter), although that hasn't been made the
> default.

Agreed.  I think weakening the MD5 handshake to switch to a more secure
hash algorithm is unwise.

-- 
  Bruce Momjian  <bruce@momjian.us>        https://momjian.us
  EDB                                      https://enterprisedb.com

  Do not let urgent matters crowd out time for investment in the future.