Currently authentication in packet radio is somewhat lacking. Passwords are sent in the clear over RF and could be intercepted by anyone. One exception is BPQ's SYSOP password tool that sends a string of characters over the air similar to a nonce which are then entered into a tool to generate a one time password that can securely be sent back over the air.

Whilst this works I'd love to see a more generalised method, and I'd suggest the use of Time-based One Time Passwords which are supported in apps such as Google Authenticator and Authy. These would allow secure one-time passwords without breaching any rules on encryption.

In current packet radio usage there's no way of confirming that a message that has potentially been relayed through 10s of nodes and hasn't been tampered with in transit and actually originates from the person that allegedly sent it. It would be great if we could utilise public key cryptography like PGP to sign and validate messages.