As PostgreSQL needs the password to connect to a service requiring a password, it has to be stored either in plantext or plaintext-equivalent.
You can avoid this by using an authentication method that does not require a password to be stored, such as Kerberos/gssapi or certificate. Nevertheless, the client side of the connection needs to store the credentials for access *in some way*, but for example with certificate authentication method you could use a smartcard or yubikey or similar to store it.