From bee44197c49d23452971a8e222c2db0370ad64ec Mon Sep 17 00:00:00 2001
From: Yohann Bacha <yohann.bacha@scalingo.com>
Date: Thu, 14 Mar 2024 15:19:07 +0100
Subject: [PATCH] feat: changelog entry | STORY-201

---
 src/_posts/databases/postgresql/2000-01-01-overview.md    | 6 ++++++
 .../_posts/2023-12-20-scram-sha-256-default-algo.markdown | 8 ++++++++
 2 files changed, 14 insertions(+)
 create mode 100644 src/changelog/databases/_posts/2023-12-20-scram-sha-256-default-algo.markdown

diff --git a/src/_posts/databases/postgresql/2000-01-01-overview.md b/src/_posts/databases/postgresql/2000-01-01-overview.md
index 2ef3e0f60..14056a788 100644
--- a/src/_posts/databases/postgresql/2000-01-01-overview.md
+++ b/src/_posts/databases/postgresql/2000-01-01-overview.md
@@ -39,6 +39,12 @@ our dedicated page]({% post_url databases/postgresql/2000-01-01-monitoring %}).
 From the security point of view, they all come with a TLS connection and
 encryption at rest.
 
+{% note %}
+  Starting December 20th 2024, every new PostgreSQL database defaults with the 
+  `SCRAM-SHA-256` hash algorithm for users' passwords. You can learn more in 
+  the [dedicated security bulletin]({% post_url security/bulletins/ssb-2024-02 %}).
+{% endnote %}
+
 In addition to the above, Starter plans include daily on-demand backups, as
 well as 7-days Point-in-time Recovery (PITR) backups. All backups are encrypted
 and stored externally. For more information regarding this topic, please
diff --git a/src/changelog/databases/_posts/2023-12-20-scram-sha-256-default-algo.markdown b/src/changelog/databases/_posts/2023-12-20-scram-sha-256-default-algo.markdown
new file mode 100644
index 000000000..998b4028b
--- /dev/null
+++ b/src/changelog/databases/_posts/2023-12-20-scram-sha-256-default-algo.markdown
@@ -0,0 +1,8 @@
+---
+modified_at: 2023-12-20 11:00:00
+title: 'PostgreSQL default password hash algorithm is now SCRAM-SHA-256'
+---
+
+From this date, the default password hash algorithm for new PostgreSQL databases is now `SCRAM-SHA-256`.
+
+You can learn more in the [dedicated security bulletin]({% post_url security/bulletins/ssb-2024-02 %}).
\ No newline at end of file