Type: | enum |
Default: | md5 |
Context: | user |
Restart: | false |
Values: | [md5, scram-sha-256] |
When a password is specified in sql-createrole or sql-alterrole, this parameter determines the algorithm to use to encrypt the password. The default value is md5
, which stores the password as an MD5 hash (on
is also accepted, as alias for md5
). Setting this parameter to scram-sha-256
will encrypt the password with SCRAM-SHA-256.
Note that older clients might lack support for the SCRAM authentication mechanism, and hence not work with passwords encrypted with SCRAM-SHA-256. See auth-password for more details.
Recommendations
There is no good reason for this to be set to “off”.
On StackOverflow
- I tried to change postgresql md5 to scram-sha-256 and I get FATAL password authentication failed
- Postgres 10 Upgrade Stuck Queries
- Unable to connect to Postgress DB due to the authentication type 10 is not supported
- Connect from pgadmin after upgrading to scram-sha-256 password authentication
- How do I enable SSL on my server?