The YugabyteDB 2.5 release adds many critical enterprise-grade security features. This blog post outlines these newly added features.
Authentication
Adding scram-sha-256 Authentication
The first notable addition is the addition of a much improved, password-based authentication mechanism called Salted Challenge Response Authentication Mechanism (or simply SCRAM) as described in RFC5802. This scram-sha-256 authentication mechanism, identical to the most secure PostgreSQL authentication schema, is a challenge-response scheme that prevents password sniffing on untrusted connections and supports storing passwords on the server in a cryptographically hashed form that is thought to be secure. To enable this feature, simply pass the following flag when starting the yb-tserver.
from DZone.com Feed https://ift.tt/3l5doQZ
No comments:
Post a Comment