PGCon2017 - 20180510
PGCon 2017
The PostgreSQL Conference
Speakers | |
---|---|
Heikki Linnakangas | |

Schedule | |
---|---|
Day | Talks - Day 2 - 2017-05-26 |
Room | DMS 1120 |
Start time | 15:00 |
Duration | 00:45 |

Info | |
---|---|
ID | 1071 |
Event type | Lecture |
Track | Hacking |
Language used for presentation | English |

SCRAM authentication in PostgreSQL
PostgreSQL's current password-based authentication mechanism is old and weak by today's standards. It uses MD5, which is generally no longer considered secure. SSL can alleviate that, and there are other, stronger authentication mechanisms like Kerberos, but they are more complicated to set up.
SCRAM is a modern, secure password-based authentication mechanism. There is a patch in the works to support SCRAM authentication in PostgreSQL, replacing the current MD5 authentication mechanism in the long run. By the time of PGCon, it will hopefully be committed and will appear in PostgreSQL version 10.
In this presentation, I will explain how SCRAM works and the benefits it has over current authentication mechanisms. I will give an update on the current status of the patch, as well as the status of driver support and future work.