stolendata/little-peepo

Hashed passwords

matineeschwarz opened this issue · 1 comments

It can only use passwords in clear text. It would be good if a hashed/encrypted form was also supported, to protect passwords if the accounts file is stolen from the server.

Plain-text passwords will have to remain an option since APOP authentication requires it, but I'll look into a simple form of hashed storage for USER/PASS authentication in order to protect the credentials. Keep in mind that if someone read the accounts file through having attained root access (as opposed to finding a way to make little peepo dump the credentials) the entire setup must still be considered compromised.
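The split described in the reply above, as an added example that is not part of the original thread or of little peepo's code: USER/PASS can be checked against a salted hash, while APOP (RFC 1939) makes the server recompute an MD5 digest over the greeting timestamp and the shared secret, so the secret has to be stored in plain text. The function names, the `pbkdf2-sha256$...` record format, the choice of PBKDF2 and the iteration count are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune for the server's hardware


def hash_password(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Build a 'pbkdf2-sha256$iterations$salt$hash' record (hypothetical format)."""
    salt = os.urandom(16)  # per-account random salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2-sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_pass(stored: str, candidate: str) -> bool:
    """USER/PASS: the client sends the password itself, so a stored hash suffices."""
    try:
        scheme, iterations, salt_hex, hash_hex = stored.split("$")
        if scheme != "pbkdf2-sha256":
            return False
        dk = hashlib.pbkdf2_hmac("sha256", candidate.encode(),
                                 bytes.fromhex(salt_hex), int(iterations))
        return hmac.compare_digest(dk, bytes.fromhex(hash_hex))
    except ValueError:
        # Malformed record: wrong field count, bad hex or bad iteration count.
        return False


def apop_digest(banner: str, secret: str) -> str:
    """APOP digest: MD5 over the greeting timestamp followed by the shared secret."""
    return hashlib.md5((banner + secret).encode()).hexdigest()


def verify_apop(banner: str, plaintext_secret: str, client_digest: str) -> bool:
    """APOP: the server recomputes the digest, which needs the plain-text secret."""
    expected = apop_digest(banner, plaintext_secret)
    return hmac.compare_digest(expected.encode(), client_digest.lower().encode())
```

Passing the hashed record to `verify_apop` in place of the secret never matches the client's digest, which is why accounts that use APOP cannot be migrated to hashed storage.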