Fabrice Chapuis
Reputation: 498
with scram-sha-256 is password encrypted during authentication
With the scram-sha-256 protocol, does Postgres server encrypt the client's password when initializing the connection so that authentication is secure and the password cannot be read?
Upvotes: 1
Views: 463
Answers (1)
jjanes
Reputation: 44202
It is even better than encrypted, it is salted and hashed. Not only can an eavesdropper not readily reverse it back to the raw password, the server can't either. A weakness though is that if you connect to a malicious server, it can simply insist on not using scram, and the default client will silently comply.
Upvotes: 1
Related Questions
- I tried to change postgresql md5 to scram-sha-256 and I get FATAL password authentication failed
- PostgreSQL downgrade password encryption from SCRAM to md5
- How can I solve Postgresql SCRAM authentication problem?
- Creating user with encrypted password in PostgreSQL
- is password sent encrypted for authentication?
- How to use scram-sha-256 in Postgres 10 in Debian? Getting "FATAL: password authentication failed"
- Login to PostgreSQL using md5 encrypted password and not plaintext password
- PostgreSQL user password change from MD5 to scram-sha-265
- How to Decrypt hashpasswords in PostgreSQL
- how use SCRAM-SHA-256 to connect database by jdbc in PostgresSQL