Link to relevant page (if any): https://prosody.im/doc/plain_or_hashed
What's wrong and how can it be improved?
It seems to have become outdated. Since hashed password storage is incompatible with DIGEST-MD5, its availability appears to have contracted significantly. Meanwhile, SCRAM-SHA-1 is now supported by many popular clients and many server deployments.
PLAIN stays as the undisputed king of sadness and lowest common denominator.
https://xmpp.net/reports.php#saslmechanisms
Link to relevant page (if any): https://prosody.im/doc/plain_or_hashed What's wrong and how can it be improved? It seems to have become outdated. Since hashed password storage is incompatible with DIGEST-MD5, its availability appears to have contracted significantly. Meanwhile, SCRAM-SHA-1 is now supported by many popular clients and many server deployments. PLAIN stays as the undisputed king of sadness and lowest common denominator. https://xmpp.net/reports.php#saslmechanisms
Also https://hg.prosody.im/0.10/rev/503f424d4f07#l1.159