Percona Live 2022 has ended
Percona Live 2022
Back To Schedule
Tuesday, May 17 • 11:30am - 12:20pm
Get Your Insecure PostgreSQL Passwords to SCRAM!

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
PostgreSQL 10 introduced SCRAM (Salted Challenge Response Authentication Mechanism) to securely authenticate passwords. The SCRAM algorithm lets a client and server securely validate a password without ever exchanging the password using a series of cryptographic methods!

In this talk, we will look at:

  • A history of password storage and authentication in PostgreSQL
  • Flaws in each of the legacy PostgreSQL password-based authentication methods
  • How SCRAM works with a guided deep dive into the algorithm
  • Channel binding, which helps prevent authentication MITM attacks
  • How to safely set and modify your passwords, and how to upgrade to SCRAM-SHA-256

avatar for Jonathan Katz

Jonathan Katz

Principal Product Manager Technical, AWS
Jonathan Katz is a Principal Product Manager Technical at AWS on the RDS Open Source Team. Prior to this, he was the VP of Platform Engineering at Crunchy Data, focused on managing PGO, an open source Postgres Operator behind Crunchy Postgres for Kubernetes.Jonathan is on the PostgreSQL... Read More →

Tuesday May 17, 2022 11:30am - 12:20pm CDT
Salon 2 Zlotnik L