diff --git a/roles/learningcircles-app/tasks/main.yml b/roles/learningcircles-app/tasks/main.yml
index 8edb593..0771043 100644
--- a/roles/learningcircles-app/tasks/main.yml
+++ b/roles/learningcircles-app/tasks/main.yml
@@ -38,6 +38,8 @@
     login_host: "127.0.0.1"
     login_user: "{{PG_ADMIN_USER}}"
     login_password: "{{PG_ADMIN_PASSWORD}}"
+  environment:
+    PGOPTIONS: "-c password_encryption=scram-sha-256"
 
 - name: create postgres db
   postgresql_db:
diff --git a/roles/postgres/tasks/main.yml b/roles/postgres/tasks/main.yml
index 29abbb6..9e17f22 100644
--- a/roles/postgres/tasks/main.yml
+++ b/roles/postgres/tasks/main.yml
@@ -12,7 +12,7 @@
 - name: start postgres docker image
   docker_container:
     name: p2pu-postgres
-    image: postgres:11
+    image: "postgres:{{VERSION}}"
     state: started
     pull: yes
     restart: yes
@@ -20,13 +20,13 @@
     ports:
     - 127.0.0.1:5432:5432
     volumes:
-    - "/var/p2pu/volumes/postgres-11/data:/var/lib/postgresql/data"
+    - "/var/p2pu/volumes/postgres-{{VERSION}}/data:/var/lib/postgresql/data"
     env:
       POSTGRES_USER: "{{ PG_ADMIN_USER }}"
       POSTGRES_PASSWORD: "{{ PG_ADMIN_PASSWORD }}"
 
 - name: wait for postgres startup
-  shell: docker run --rm --link p2pu-postgres:postgres postgres:11 pg_isready -h postgres
+  shell: "docker run --rm --link p2pu-postgres:postgres postgres:{{VERSION}} pg_isready -h postgres"
   register: result
   until: result.stdout.find("accepting connections") != -1
   retries: 10
diff --git a/roles/postgres-update/tasks/main.yml b/roles/postgres_update/tasks/main.yml
similarity index 54%
rename from roles/postgres-update/tasks/main.yml
rename to roles/postgres_update/tasks/main.yml
index 8063d38..04bead8 100644
--- a/roles/postgres-update/tasks/main.yml
+++ b/roles/postgres_update/tasks/main.yml
@@ -5,28 +5,34 @@
 - name: start new postgres docker image
   docker_container:
     name: new-postgres
-    image: postgres:11
+    image: "postgres:{{ NEW_VERSION }}"
     state: started
     pull: yes
     restart: yes
     restart_policy: always
     volumes:
-    - "/var/p2pu/volumes/postgres-11/data:/var/lib/postgresql/data"
+    - "/var/p2pu/volumes/postgres-{{ NEW_VERSION }}/data:/var/lib/postgresql/data"
     env:
       POSTGRES_USER: "{{ PG_ADMIN_USER }}"
       POSTGRES_PASSWORD: "{{ PG_ADMIN_PASSWORD }}"
 
-# What about waiting for the db to be ready?
-# docker exec learning-circles-db-11 pg_isready
-# /var/run/postgresql:5432 - accepting connections
+- name: wait for postgres startup
+  shell: "docker run --rm --link new-postgres:postgres postgres:{{ NEW_VERSION }} pg_isready -h postgres"
+  register: result
+  until: result.stdout.find("accepting connections") != -1
+  retries: 10
+  delay: 10
 
 - name: load database dump
   shell: docker exec -i new-postgres psql -U "{{ PG_ADMIN_USER }}" < /root/db-migrate.dump
 
+- name: set postgres password again to ensure it uses the default encryption
+  shell: docker exec -i new-postgres psql -U "{{ PG_ADMIN_USER }}" -c "ALTER ROLE postgres WITH LOGIN PASSWORD '{{PG_ADMIN_PASSWORD}}'"
+
 - name: Remove postgres container used to migrate
   docker_container:
     name: new-postgres
-    image: postgres:11
+    image: "postgres:{{ NEW_VERSION }}"
     state: absent
     keep_volumes: yes