Using plaintext password authentication for your postgres connections poses unneeded risk. It is vulnerable to sniffing, tampering, and hijacking. Not only that, a hacker gaining access to a vast array of machines can perform elevation quite easily (for a famous example, look at the Equifax case).
From the documentation:
"The method password sends the password in clear-text and is therefore vulnerable to password “sniffing” attacks. It should always be avoided if possible. If the connection is protected by SSL encryption then password can be used safely, though. (Though SSL certificate authentication might be a better choice if one is depending on using SSL)."
host all 192.168.1.10 255.255.255.255 password
pg_hba.conf, use some other method of trust:
host all 192.168.1.10 255.255.255.255 scram-sha-256
scram-sha-256 is currently the most secure option to use.
Updated 3 months ago