diff -r 7c772059daca core/authentication_api.php
--- a/core/authentication_api.php	Fri Nov 27 13:34:55 2009 +0100
+++ b/core/authentication_api.php	Wed Dec 02 21:47:28 2009 +0100
@@ -344,10 +344,21 @@
 
 	$t_password = user_get_field( $p_user_id, 'password' );
 	$t_login_methods = Array(
+		SHA1,
 		MD5,
 		CRYPT,
 		PLAIN,
 	);
+	if( substr($t_password, 0, 1) == '{' && strpos($t_password, '}') > 1 ) {
+		$t_method = substr( $t_password, 1, strpos($t_password, '}')-1 );
+		$t_methods_arr = array('SHA'=>SHA1, 'MD5'=>MD5, 'CRYPT'=>CRYPT, 'PLAIN'=>PLAIN);
+		if( in_array($t_method, $t_methods_arr) 
+		&& in_array($t_methods_arr[$t_method], $t_login_methods) ) {
+			$t_login_methods = Array($t_methods_arr[$t_method]);
+			$t_password = substr( $t_password, strlen($t_method)+2 );
+		}
+	}
+
 	foreach( $t_login_methods as $t_login_method ) {
 
 		# pass the stored password in as the salt
@@ -404,6 +415,9 @@
 		case MD5:
 			$t_processed_password = md5( $p_password );
 			break;
+		case SHA1:
+			$t_processed_password = sha1( $p_password );
+			break;
 		case BASIC_AUTH:
 		case PLAIN:
 		default:
diff -r 7c772059daca core/constant_inc.php
--- a/core/constant_inc.php	Fri Nov 27 13:34:55 2009 +0100
+++ b/core/constant_inc.php	Wed Dec 02 21:47:28 2009 +0100
@@ -134,6 +134,7 @@
 define( 'LDAP', 4 );
 define( 'BASIC_AUTH', 5 );
 define( 'HTTP_AUTH', 6 );
+define( 'SHA1', 7 );
 
 # file upload methods
 define( 'DISK', 1 );
@@ -552,6 +553,6 @@
 # Lengths - NOTE: these may represent hard-coded values in db schema and should not be changed.
 define( 'USERLEN', 32);
 define( 'REALLEN', 64);
-define( 'PASSLEN', 32);
+define( 'PASSLEN', 50);
 
 define( 'SECONDS_PER_DAY', 86400 );