Kyle Beyer, author of ASP.NET Ajax login system, a solution to make client side calls to authentication and registration web services, made a challenge of $100 for anyone able to broke his library's security. ajax-login-system is open source under New BSD License, and it's using a challenge based authentication system with one way encryption to provide maximum security without using SSL.

Ajaxmagazine

Ajax, Login Control, Security, Challenge