The library hunchentoot-auth is insecure. Per its documentation:
Note that the password is not directly stored in the
persistent storage, but rather the password is appended to a random
(per-user) salt (which is stored in the persistent database) and this
salted uesr name is then hashed using the MD5 hashing algorithm.
I've raised an issue on hunchentoot-auth, but in the meantime it should be removed from this collection.
The library hunchentoot-auth is insecure. Per its documentation:
I've raised an issue on hunchentoot-auth, but in the meantime it should be removed from this collection.