>> The comment in pg_hba.conf.sample seem to prefer md5 over clear text >> password. >> >> # Note that "password" sends passwords in clear text; "md5" or >> # "scram-sha-256" are preferred since they send encrypted passwords. > > Should that be reworded to eliminate "md5"? I'd consider "scram-sha-256" > suitable over a clear channel, but I've never recommended "md5" for that.
I don't think so unless clear text password is superior than md5. Best regards, -- Tatsuo Ishii SRA OSS, Inc. Japan English: http://www.sraoss.co.jp/index_en.php Japanese:http://www.sraoss.co.jp -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers