The following documentation comment has been logged on the website:
Page: https://www.postgresql.org/docs/9.1/static/auth-methods.html
Description:
this page claims
'If you are at all concerned about password "sniffing" attacks then md5 is
preferred. '
but how does this really help? If an md5 hash is enough to get access, then
sniffing an md5has is actually the same as sniffing the password?'