I have released a developer release of CGI::Application::Plugin::Authentication. The purpose is to make the module run under taint mode. So far the tests only cover the default usage of the login_box function. But it seems better to release tentatively then leave the code to collect dust in github.