Online documentation unclear about authentication defaults

Hi,

After following the postgresql tutorial for setting up a postgresql
server [1] I noticed that I could log in without entering my password.
The documentation did not tell me this (maybe I overlooked it),
eventhough it does show you how to create roles with passwords. In my
opinion it would be a good idea to include a warning like "the default
installation trusts everybody that can make a connection to the
database" because it could lead to some (problematic) confusions.

I didn't check extensively in the docs to see if there actually was such
a warning, particularly because I felt that if there was, it was
probably not prominent enough (or I would have noticed). Sorry if there
was indeed a big warning splattered over the tutorial somewhere.

Greetings,
bb

[1] http://www.postgresql.org/docs/8.2/interactive/installation.html