I know not everything can be reused, but as someone who writes netcentric security software, I don't see why the authentication scheme needs to be tied to the specific platform. It's best to abstract session/security layer activities from any presentation logic. It doesn't always happen that way but most of the UI stuff would be on the Emplode side (entering the password to connect, setting the password, etc) and the player would just be responsible for comparing what the user enters (or an encrypted/hashed version of it) to what it has in its config file. Why would that different between them?