> Best solution: Upgrade everyone to scram, then change md5 to scram in > pg_hba.conf and never look back. >
To expand more on the "upgrade everyone to scram", that means force all users to set a new password while using scram (which should be the default). You can do it yourself by getting a list of users and changing their passwords inside psql: -- List all users still stuck in md5-land: greg=# select rolname from pg_authid where rolpassword ~ '^md5' alice eve mallory (3 rows) -- Just in case, force use of scram greg=# set password_encryption = 'scram-sha-256'; SET -- Reset each user's password to some strong password of your choice: greg=# \password alice Enter new password for user "alice": Enter it again: -- Repeat the above until this query returns no rows: select rolname from pg_authid where rolpassword ~ '^md5' Cheers, Greg -- Crunchy Data - https://www.crunchydata.com Enterprise Postgres Software Products & Tech Support