On 10/14/2015 1:31 PM, Quiroga, Damian wrote:
>
> Does postgres support other (stronger) hashing algorithms than MD5 to
> store the database passwords at disk?
>
> If not, is there any plan to move away from MD5?
>
if you can read the password database, you already have superuser access
to the full database.... so what threat does a stronger hash address?
if you need stronger security, don't use passwords, use ssl
certificates, or LDAP, or something.
--
john r pierce, recycling bits in santa cruz