MD5 is the only password storage hashing algorithm that is supported by PG 9.x. And it's legacy, i. e. broken beyond repair and hope. PG 10 introduced SCRAM-SHA-256. Not only is sha256 a stronger and - for the foreseeable future - secure hashing algorithm, it also is salted and bundled with salted challenge response authentication, which doesn't expose passwords to sniffing parties on the network. Even if database breaches are something that seems like a worst case scenario, exposing passwords due to weak hashes during a breach will put a lot of users under fire, since we all know a lot of people recycle their passwords. SCRAM-SHA-256 won't be breakable for quite some time (as of current knowledge), and the salting counters rainbow table attacks too.
There also is the problem that MD5 hashed passwords are incompatible with SCRAM-SHA-256 authentication, so upgrading and using the better algorithm is only possible by resetting all passwords, which is a nightmare in its own right.
- vertx-pg-client version > 4.0.0-milestone4: https://github.com/eclipse-vertx/vertx-sql-client/commit/d96e53f80c0066b377c43efbd1c6466bb0d06e51 or
- vertx-pg-client version > 3.8.5: https://github.com/eclipse-vertx/vertx-sql-client/commit/f806158a9ff8c2561433855a4bf9f2c6472e3ba0
The old deprecated client https://github.com/vert-x3/vertx-mysql-postgresql-client / https://github.com/vert-x3/vertx-sql-common only supports MD5, it doesn't support SCRAM.
If all subtasks are finished add a note how to configure PostgreSQL for SCRAM-SHA-256 to all installation documentation documents.