On Wed, 2009-10-14 at 12:59 -0400, Tom Lane wrote:
> If psql or pgAdmin takes a password and
> then sends it in the clear without telling me, that's a breach of
> trust
> with potentially serious consequences. I might not trust the DBA, for
> example, or I might be less confident of the network infrastructure
> than he is.
Well, you would lose anyway if the DBA switches the pg_hba.conf setting
from md5 to password without telling you. There is usually no
straightforward way in client applications to guard against that.
Something to think about.