On Tue, Mar 14, 2017 at 11:47 AM, Tom Lane <t...@sss.pgh.pa.us> wrote: > Robert Haas <robertmh...@gmail.com> writes: >> I'm not talking about changing the default, just having it be possible >> to use \password with the new system as it was with the old, whatever >> exactly we think that means.
I think that this means looking at password_encryption within PQencryptPassword(), something that could silently break some applications. That's why with Joe we are mentioning upthread to extend PQencryptPassword() with a hashing method, and have a function to allow retrieval of the password type for a given user. > Seems to me the intended behavior of \password is to use the best > available practice. So my guess is that it ought to use SCRAM when > talking to a >= 10.0 server. What the previous password was ought > to be irrelevant, even if it could find that out which it shouldn't > be able to IMO. And in a release or two? SCRAM being a fresh feature, switching the hashing now is not much a conservative approach. -- Michael -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
