Ты прав, нужно было указать сноску на параметры подключения, в дополнение привожу краткий перечень опций параметров авторизации:
trust: A value of trust immediately accepts the connection without further requirements. This assumes that other external authentication methods are in place. It is not recommended in most cases.
reject: A value of reject immediately rejects the connection. This is mainly used to filter out connections that match unwanted patterns.
scram-sha-256: The scram-sha-256 method will check the password provided by the user using SCRAM-SHA-256 authentication. If all of your clients support it, this is currently the most secure option for password authentication.
md5: The md5 method also checks user passwords. This method is less secure than scram-sha-256 but more widely supported. The current implementation will automatically use scram-sha-256 even if md5 is specified if the password is encrypted with SCRAM.
password: The password method is the least secure password authentication method. It sends passwords in plain text and should not be used unless the connection uses TLS/SSL to encrypt the entire connection.
gss: The gss method uses GSSAPI for authentication. This can be used for authentication regardless of whether GSSAPI encryption is used for the connection. This allows authenticating through Kerberos and similar software.
sspi: The sspi method uses the Windows-only Security Support Provider Interface API to authenticate clients.
ident: The ident method checks with a client's ident server for the user initiating the connection. Since this relies on the client's machine, it should only be used for trusted networks where the client machines are tightly controlled.
peer: The peer authentication method is used for local connections. It asks the local operating system for the client's system username. It checks if the name matches the requested database name.
ldap: The ldap method authenticates by using an LDAP server to validate usernames and passwords.
radius: Select radius to use a RADIUS server to check username and password combinations.
cert: The cert method authenticates clients using TLS/SSL client certificates. This is only available for TLS/SSL connections. The client certificate must be a valid, trusted certificate to be accepted.
pam: The pam option will defer authentication to the operating system's PAM service.
bsd: The bsd method uses the BSD Authentication service to validate usernames and passwords. This method is only available on OpenBSD hosts.