May it be possible to add a salt-field for encrypted
This adds a bit more security. Especially in the aspect
of rainbow-tree calculations on md5/sha1 sums. (see
The authentication would work as:
validUser = passwordfield == md5('<salt><pass>');
The salt should either be read from a database field in
a per-user-basis, or be a static one.
Another solution would be to allow a explicit
"printf"-type argument to pam-config which inserts the
typed password in an config-defined sql-clause that
evaluates to a boolean value.