* Tom Lane (tgl@sss.pgh.pa.us) wrote:
> Peter Eisentraut <peter_e@gmx.net> writes:
> > Well, you would lose anyway if the DBA switches the pg_hba.conf setting
> > from md5 to password without telling you.
>
> True :-(. Anybody for a zero-knowledge protocol?
>
> (Realistically, non-password-based auth methods are the only real
> solution here, I fear. We should probably be doing more to encourage
> people to use SSL-cert-based authentication in low-trust situations.)
Or GSSAPI.. Helping users understand how they can leverage their
existing Kerberos or MS SSPI single-sign-on infrastructures to securely
access PG would go a long way to reducing the password-based usage out
there, imo. Of course, it'd be nice if we supported GSSAPI encrypted
transport too. Separating the encryption into SSL is less than ideal.
Stephen