SCRAM authentication in PostgreSQL

328

Zitieren

Zugehöriges Material

PGCon - PostgreSQL Conference for Users and Developers

Linnakangas, Heikki

Formale Metadaten

Titel

SCRAM authentication in PostgreSQL

Serientitel

PGCon 2017

Anzahl der Teile

Autor

Linnakangas, Heikki

Lizenz

CC-Namensnennung 3.0 Unported:
Sie dürfen das Werk bzw. den Inhalt zu jedem legalen Zweck nutzen, verändern und in unveränderter oder veränderter Form vervielfältigen, verbreiten und öffentlich zugänglich machen, sofern Sie den Namen des Autors/Rechteinhabers in der von ihm festgelegten Weise nennen.

Identifikatoren

10.5446/48967 (DOI)

Herausgeber

PGCon - PostgreSQL Conference for Users and Developers

Erscheinungsjahr

2018

Sprache

Englisch

Inhaltliche Metadaten

Fachgebiet

Information und Dokumentation

Genre

Konferenz/Talk

Abstract

PostgreSQL's current password-based authentication mechanism is old and weak by today's standards. It uses MD5, which is generally considered not secure anymore. SSL can alleviate that, and there are other, stronger, authentication mechanisms like Kerberos, but they are more complicated to set up. SCRAM is a modern, secure password-based authentication mechanism. There is a patch in the works, to support SCRAM authentication in PostgreSQL, replacing the current MD5 authentication mechanism in the long run. By the time of PGCon, it is hopefully committed, and will appear in PostgreSQL version 10. In this presentation, I will explain how SCRAM works, and the benefits it has over current authentication mechanisms. I will give an update of the current status of the patch, as well as status of driver support and future works.