>> The comment in pg_hba.conf.sample seem to prefer md5 over clear text
>> password.
>>
>> # Note that "password" sends passwords in clear text; "md5" or
>> # "scram-sha-256" are preferred since they send encrypted passwords.
>
> Should that be reworded to eliminate "md5"? I'd consider "scram-sha-256"
> suitable over a clear channel, but I've never recommended "md5" for that.
I don't think so unless clear text password is superior than md5.
Best regards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp