| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | Jeff Janes <jeff(dot)janes(at)gmail(dot)com> |
| Cc: | John R Pierce <pierce(at)hogranch(dot)com>, "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Not storing MD5 hashed passwords |
| Date: | 2015-10-15 00:49:59 |
| Message-ID: | CAB7nPqQpr81fNEjkMg8haN-TZ56FBVVWouxDhpxNFNzRofE7aw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Thu, Oct 15, 2015 at 7:19 AM, Jeff Janes <jeff(dot)janes(at)gmail(dot)com> wrote:
> On Wed, Oct 14, 2015 at 1:41 PM, John R Pierce <pierce(at)hogranch(dot)com> wrote:
>>
>> On 10/14/2015 1:31 PM, Quiroga, Damian wrote:
>>
>>
>>
>> Does postgres support other (stronger) hashing algorithms than MD5 to
>> store the database passwords at disk?
>>
>> If not, is there any plan to move away from MD5?
> There are proposals to do so, the most advanced one I know of is with SCRAM.
> But I don't think any of them have turned into actual plans yet.
I would not be so sure, I heard of a patch regarding that for 9.6:
https://commitfest.postgresql.org/6/320/
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | anj patnaik | 2015-10-15 01:39:14 | question |
| Previous Message | Quiroga, Damian | 2015-10-14 22:27:59 | Re: Not storing MD5 hashed passwords |