Sigh. Just what we needed; another authentication plugin... that uses crackable salted SHA256 to store web passwords. Of course, it provides a plugin interface --- including, inexplicably, support for symmetrically (ie, recoverably) encrypting passwords. What it doesn't do is support bcrypt-ruby, which is the only correct answer to this problem.

I would be very happy if they could move in some standard user authentication into rails. Tired of the stream of plugins that become abandonware in a couple of months.

This discussion is moot since Authlogic easily supports BCrypt:

http://www.binarylogic.com/2008/11/22/storing-nuclear-launch...

I really like the name. I may try it out just because of the name.

Authgasm.