On Fri, Nov 14, 2025 at 5:48 AM Michael Banck <[email protected]> wrote: > > Hi, > > while looking through postgresql.conf on PG18, I noticed that > password_encryption mentions md5 as valid alternative to scram-sha-256. > I think it would be useful to mention md5 is deprecated so that people > looking at it (but have otherwise not gotten the memo) will realize and > hopefully act on it. > > Patch attached, I think it would be a candidate for being back-patched > to PG18 if accepted. >
+1 to the general idea, though I think it should go the other way around (it is a small enough grammatical point I'm sure some would argue the other way around). # password_encryption = scram-sha-256 # scram-sha-256 or md5 (deprecated) Also +1 for backpatching. IIRC this would only show up in new clusters, but we're still pretty early on in the cycle, so it seems worth it. Robert Treat https://xzilla.net
