On Fri, Mar 14, 2025 at 12:50 PM Greg Sabino Mullane <htamf...@gmail.com> wrote:
> I'd rather not sit on this another year, if we can help it. We really > should be warning people about this practice. The exact wording of the hint > can be up for debate (or postponed - we technically don't have to say > anything other than 'bad idea'). > > Having the ability to disable clear text passwords seems an immediate win > for those that want to enable it. Sure, we could be doing more, but I don't > see any of the proposed future changes interfering with this patch. > I agree. This is a clear win that can easily be turned on by packagers/distributors with little consequence to everyone else. My only suggestion would be to have the GUC name be closer to other password-related settings. Looking at the sample file I see password_encryption md5_password_warnings So perhaps something like password_cleartext_action would fit in a little better and make it easier to spot while going through the file. Roberto
