Peter Eisentraut <[email protected]> writes:
> Well, you would lose anyway if the DBA switches the pg_hba.conf setting
> from md5 to password without telling you.
True :-(. Anybody for a zero-knowledge protocol?
(Realistically, non-password-based auth methods are the only real
solution here, I fear. We should probably be doing more to encourage
people to use SSL-cert-based authentication in low-trust situations.)
regards, tom lane
--
Sent via pgsql-hackers mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
