Improvement
Resolution: Fixed
Critical
None
Platform: Macintosh, OS: All
When using Hudson's own user database, passwords are stored base64-encoded. Base64 is an encoding, not a hash, so
anyone who has read access to the user configuration files can trivially decode every
password. This in turn can lead to other security problems, since many users reuse the same
password across different services.
Further, the fact that stored passwords are currently reversible means that checking Hudson configurations
into source code control, or otherwise backing them up, is potentially dangerous from a security
perspective.
A better approach would be to store a non-reversible digest (like SHA256) of the password in the user
configuration file, ideally combined with a per-user random salt so that two users with the same password do not
end up with the same stored value. To validate a password, the Hudson application would digest the password specified
by the user at login (with the stored salt) and compare it to the digest stored. If they are equal, then the user is
authenticated; the clear-text password itself never needs to be written to disk.
Apparently Hudson uses Acegi Security to implement password authentication. According to the Acegi
site, they support digest-based password encoders. Hudson should be changed to use SHA1 at a
minimum (or a stronger digest, like SHA256, if possible), migrating the existing base64-encoded (effectively
clear-text) passwords to digests in the new configuration files the first time they are loaded.
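The following is an added, self-contained illustration of the scheme proposed above (salted SHA-256 digest, login-time verification, and one-shot migration of base64-encoded entries). It is not Hudson's or Acegi's code: the record format `sha256:<salt>:<digest>`, the function names, and the small `<user>` config document are all constructed for the example and are not Hudson's actual schema.

```python
"""Illustrative password-storage code for the digest scheme proposed in this issue.
NOT Hudson's code: record format and config layout are assumptions for the example."""
import base64
import hashlib
import hmac
import secrets
import xml.etree.ElementTree as ET
from typing import Optional

# --- What the issue objects to: base64 is an encoding, not a digest. ---

def legacy_encode(password: str) -> str:
    """Reversible 'storage' of a password (the scheme the issue describes)."""
    return base64.b64encode(password.encode("utf-8")).decode("ascii")

def legacy_decode(stored: str) -> str:
    """Anyone who can read the user config file gets the clear text back."""
    return base64.b64decode(stored).decode("utf-8")

# --- Proposed scheme: store a non-reversible, salted SHA-256 digest. ---
# Record format (assumed for this example): "sha256:<base64 salt>:<hex digest>"

def digest_password(password: str, salt: Optional[bytes] = None) -> str:
    """Digest the password with a random per-user salt; the salt is stored alongside."""
    if salt is None:
        salt = secrets.token_bytes(16)
    d = hashlib.sha256(salt + password.encode("utf-8")).hexdigest()
    return "sha256:%s:%s" % (base64.b64encode(salt).decode("ascii"), d)

def verify_password(stored: str, candidate: str) -> bool:
    """Login check: digest the supplied password with the stored salt and compare."""
    parts = stored.split(":")
    if len(parts) != 3 or parts[0] != "sha256":
        return False  # a legacy (base64) or malformed record never authenticates
    try:
        salt = base64.b64decode(parts[1], validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    actual = hashlib.sha256(salt + candidate.encode("utf-8")).hexdigest()
    return hmac.compare_digest(actual, parts[2])  # constant-time comparison

# --- Migration: upgrade legacy entries without ever re-prompting the user. ---

def migrate_stored_value(stored: str) -> str:
    """Upgrade one legacy base64 entry; already-digested entries pass through."""
    if stored.startswith("sha256:"):  # ':' is not in the base64 alphabet, so no clash
        return stored
    return digest_password(legacy_decode(stored))

# Constructed per-user config document (an assumption, not Hudson's real schema).
# "czNjcmV0" is base64 for the constructed password "s3cret".
SAMPLE_USER_CONFIG = """<user>
  <fullName>Alice Example</fullName>
  <password>czNjcmV0</password>
</user>"""

def stored_password(config_xml: str) -> str:
    """Return the text of the <password> element of a config document."""
    return ET.fromstring(config_xml).findtext("password")

def migrate_user_config(config_xml: str) -> str:
    """Rewrite every <password> element from base64 to a salted digest record."""
    root = ET.fromstring(config_xml)
    for elem in root.iter("password"):
        elem.text = migrate_stored_value(elem.text or "")
    return ET.tostring(root, encoding="unicode")

if __name__ == "__main__":
    print("legacy entry decodes to:", legacy_decode("czNjcmV0"))
    new_cfg = migrate_user_config(SAMPLE_USER_CONFIG)
    print(new_cfg)
    print("login with correct password:", verify_password(stored_password(new_cfg), "s3cret"))
    print("login with wrong password:  ", verify_password(stored_password(new_cfg), "guess"))
```

Two design points worth keeping when this is done for real: the comparison uses a constant-time equality so the check does not leak how many digest characters matched, and a legacy-format record is rejected outright by `verify_password` rather than silently decoded, so the migration step is the only place the base64 value is ever read. A plain (even salted) SHA digest is what this issue asks for; a slow, iterated password hash is the stronger choice if the platform offers one.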