Change PostgreSQL password encryption from MD5 to

2019-07-02 21:12发布

问题:

Is there a way to change the PostgreSQL password encryption method from MD5 to SHA?

If Yes, can you please tell me how?

I am using PostgreSQL 9.5

回答1:

Pg 10

With PostgreSQL 10, you can set password_encryption to scram-sha-256. From the docs

When a password is specified in CREATE ROLE or ALTER ROLE without writing either ENCRYPTED or UNENCRYPTED, this parameter determines whether the password is to be encrypted. The default value is md5, which stores the password as an MD5 hash. Setting this to plain stores it in plaintext. on and off are also accepted, as aliases for md5 and plain, respectively. Setting this parameter to scram-sha-256 will encrypt the password with SCRAM-SHA-256.

See this post for information about iterations using scram-sha-256

Pg 9.x

This can not be done without actually modifying the source.