Re: PATCH: warn about, and deprecate, clear text passwords

Nathan Bossart <nathandbossart@gmail.com>

From: Nathan Bossart <nathandbossart@gmail.com>
To: Isaac Morland <isaac.morland@gmail.com>
Cc: Greg Sabino Mullane <htamfids@gmail.com>, Aleksander Alekseev <aleksander@timescale.com>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2025-02-24T21:18:21Z
Lists: pgsql-hackers
On Mon, Feb 24, 2025 at 04:06:41PM -0500, Isaac Morland wrote:
> And in any case I believe the existing behaviour can still be had by
> configuration so we're not really imposing anything on anybody.

Well, the discussion upthread suggests "disallowing plain text passwords
completely" [0], which means at some point we would have to impose
something, right?  Again, maybe this in itself is not a deal-breaker.
After all, we'll probably have a similar problem when we eventually remove
MD5 password support down the road.

[0] https://postgr.es/m/CAKAnmmKGWxEGbvuBAxyDWmuije8agUHTY-82DR1VEkFM2vKNTg%40mail.gmail.com

-- 
nathan