| Type: | enum |
| Default: | md5 |
| Context: | user |
| Restart: | false |
| Values: | [md5, scram-sha-256] |
When a password is specified in sql-createrole or sql-alterrole, this parameter determines the algorithm to use to encrypt the password. The default value is md5, which stores the password as an MD5 hash (on is also accepted, as alias for md5). Setting this parameter to scram-sha-256 will encrypt the password with SCRAM-SHA-256.
Note that older clients might lack support for the SCRAM authentication mechanism, and hence not work with passwords encrypted with SCRAM-SHA-256. See auth-password for more details.
Recommendations
There is no good reason for this to be set to “off”.
On StackOverflow
- I tried to change postgresql md5 to scram-sha-256 and I get FATAL password authentication failed
- Postgres 10 Upgrade Stuck Queries
- Unable to connect to Postgres DB due to the authentication type 10 is not supported
- Connect from pgadmin after upgrading to scram-sha-256 password authentication
- How do I enable SSL on my server?