Re: md5_password_warnings for password auth with MD5-encrypted passwords
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Nathan Bossart <nathandbossart@gmail.com>
Cc: Jacob Champion <jacob.champion@enterprisedb.com>, Kyotaro Horiguchi <horikyota.ntt@gmail.com>, masao.fujii@gmail.com, pgsql-hackers@lists.postgresql.org
Date: 2026-06-29T03:00:31Z
Lists: pgsql-hackers
On Fri, Jun 26, 2026 at 01:18:55PM -0500, Nathan Bossart wrote: > On Wed, Jun 24, 2026 at 07:43:21AM -0700, Jacob Champion wrote: >> Presumably the verifier was created a while back, though, in the case >> of an upgrade. Personally I think it makes sense to warn whenever the >> MD5 hash is used to authenticate. > > I'm fine with expanding the warnings to "password" auth. Something else I > considered is whether we should warn if a role with an MD5 password is > authenticated without using the password. I ultimately decided against > that, but we could expand it there, too. FWIW, emitting a WARNING for the "password" case would make more people aware that they're doing something wrong. Folks having the idea to allow plain password authentication should be hopefully next to nothing these days (mostly self-managed), but the more warned the less potential pain when this gets removed. In short, I think that Fujii-san's patch is a good thing to have. >> No opinion on the patch implementation, though (cc'd Nathan who might?). > > TBH I'm not too opinionated here, if for no other reason than all this code > should be getting deleted in the next couple of years. v20 perhaps? Let's be on the very optimistic side of the spectrum. :p -- Michael
Commits
-
Warn on password auth with MD5-encrypted passwords
- e57a865dc700 19 (unreleased) landed
- f6fdc2a4a737 master landed