On 07/13/17 20:09, Tatsuo Ishii wrote: > The comment in pg_hba.conf.sample seem to prefer md5 over clear text > password. > > # Note that "password" sends passwords in clear text; "md5" or > # "scram-sha-256" are preferred since they send encrypted passwords.
Should that be reworded to eliminate "md5"? I'd consider "scram-sha-256" suitable over a clear channel, but I've never recommended "md5" for that. -Chap -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers