On Fri, Nov 3, 2017 at 3:19 AM, Craig Ringer <craig@xxxxxxxxxxxxxxx> wrote: > This is probably off topic for pgsql-hackers. > > For password crypto please go read the SCRAM thread and the PostgreSQL > 10 release notes. The SCRAM discussion is spread across two threads mainly with hundreds of emails, which may discourage even the bravest. Here are links to the important documentation: https://www.postgresql.org/docs/current/static/auth-methods.html#auth-password https://www.postgresql.org/docs/10/static/sasl-authentication.html And PostgreSQL implements SCRAM-SHA-256 following RFCs 7677 and 5802: https://tools.ietf.org/html/rfc5802 https://tools.ietf.org/html/rfc7677 -- Michael -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
