Re: md5_password_warnings for password auth with MD5-encrypted passwords
Nathan Bossart <nathandbossart@gmail.com>
From: Nathan Bossart <nathandbossart@gmail.com>
To: Michael Paquier <michael@paquier.xyz>
Cc: Jacob Champion <jacob.champion@enterprisedb.com>, Kyotaro Horiguchi <horikyota.ntt@gmail.com>, masao.fujii@gmail.com, pgsql-hackers@lists.postgresql.org
Date: 2026-06-29T14:33:56Z
Lists: pgsql-hackers
On Mon, Jun 29, 2026 at 12:00:31PM +0900, Michael Paquier wrote: > On Fri, Jun 26, 2026 at 01:18:55PM -0500, Nathan Bossart wrote: >> TBH I'm not too opinionated here, if for no other reason than all this code >> should be getting deleted in the next couple of years. > > v20 perhaps? Let's be on the very optimistic side of the spectrum. :p My plan was to allow a couple more years for word to spread and warnings to be seen, and then to remove it in ~v22. If there's consensus to do it earlier, I'm happy to do so, but I lean towards extreme caution with the timeline. -- nathan
Commits
-
Warn on password auth with MD5-encrypted passwords
- e57a865dc700 19 (unreleased) landed
- f6fdc2a4a737 master landed