In short, I think it should be made clear that an encrypted user password for all intents and purposes, is simply obfuscated. Encrypted implies secure, and after looking into why md5 is the only option (see [1] link below), I feel that portion of the documentation should clarify intent.
The documentation for CREATE USER can be found at link [2] below.
I'm new to this mailing list, and couldn't find any "read first" documents on conventions to follow - if any. Please let me know if I missed something prior to subscribing.