mpd4 (in m0n0wall, but exists in mpd5 also)
#define AUTH_MAX_AUTHNAME 64
this causes authname to be truncated when handed off to a radius server. I am using Authlite (www.authlite.com) for two factor authentication. it sends a long OTP in the username field and the truncating of the string causes failure.