20.5. Password Authentication
There are several password-based authentication methods. These methods operate similarly but differ in how the users' passwords are stored on the server and how the password provided by a client is sent across the connection.
-
scram-sha-256
-
The method
scram-sha-256
performs SCRAM-SHA-256 authentication, as described in RFC 7677 . It is a challenge-response scheme that prevents password sniffing on untrusted connections and supports storing passwords on the server in a cryptographically hashed form that is thought to be secure.This is the most secure of the currently provided methods, but it is not supported by older client libraries.
-
md5
-
The method
md5
uses a custom less secure challenge-response mechanism. It prevents password sniffing and avoids storing passwords on the server in plain text but provides no protection if an attacker manages to steal the password hash from the server. Also, the MD5 hash algorithm is nowadays no longer considered secure against determined attacks.To ease transition from the
md5
method to the newer SCRAM method, ifmd5
is specified as a method inpg_hba.conf
but the user's password on the server is encrypted for SCRAM (see below), then SCRAM-based authentication will automatically be chosen instead. -
password
-
The method
password
sends the password in clear-text and is therefore vulnerable to password " sniffing " attacks. It should always be avoided if possible. If the connection is protected by SSL encryption thenpassword
can be used safely, though. (Though SSL certificate authentication might be a better choice if one is depending on using SSL).
PostgreSQL
database passwords are
separate from operating system user passwords. The password for
each database user is stored in the
pg_authid
system
catalog. Passwords can be managed with the SQL commands
CREATE ROLE
and
ALTER ROLE
,
e.g.,
CREATE ROLE foo WITH LOGIN PASSWORD 'secret'
,
or the
psql
command
\password
.
If no password has been set up for a user, the stored password
is null and password authentication will always fail for that user.
The availability of the different password-based authentication methods
depends on how a user's password on the server is encrypted (or hashed,
more accurately). This is controlled by the configuration
parameter
password_encryption
at the time the
password is set. If a password was encrypted using
the
scram-sha-256
setting, then it can be used for the
authentication methods
scram-sha-256
and
password
(but password transmission will be in
plain text in the latter case). The authentication method
specification
md5
will automatically switch to using
the
scram-sha-256
method in this case, as explained
above, so it will also work. If a password was encrypted using
the
md5
setting, then it can be used only for
the
md5
and
password
authentication
method specifications (again, with the password transmitted in plain text
in the latter case). (Previous PostgreSQL releases supported storing the
password on the server in plain text. This is no longer possible.) To
check the currently stored password hashes, see the system
catalog
pg_authid
.
To upgrade an existing installation from
md5
to
scram-sha-256
, after having ensured that all client
libraries in use are new enough to support SCRAM,
set
password_encryption = 'scram-sha-256'
in
postgresql.conf
, make all users set new passwords,
and change the authentication method specifications
in
pg_hba.conf
to
scram-sha-256
.