Re: PATCH: warn about, and deprecate, clear text passwords
Nathan Bossart <nathandbossart@gmail.com>
From: Nathan Bossart <nathandbossart@gmail.com>
To: Isaac Morland <isaac.morland@gmail.com>
Cc: Greg Sabino Mullane <htamfids@gmail.com>, Aleksander Alekseev <aleksander@timescale.com>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2025-02-24T21:18:21Z
Lists: pgsql-hackers
On Mon, Feb 24, 2025 at 04:06:41PM -0500, Isaac Morland wrote: > And in any case I believe the existing behaviour can still be had by > configuration so we're not really imposing anything on anybody. Well, the discussion upthread suggests "disallowing plain text passwords completely" [0], which means at some point we would have to impose something, right? Again, maybe this in itself is not a deal-breaker. After all, we'll probably have a similar problem when we eventually remove MD5 password support down the road. [0] https://postgr.es/m/CAKAnmmKGWxEGbvuBAxyDWmuije8agUHTY-82DR1VEkFM2vKNTg%40mail.gmail.com -- nathan