Looking at their database schema (table "auth_user"), it looks like the user passwords are stored unencrypted and without salt?
Looking at their database schema (table "auth_user"), it looks like the user passwords are stored unencrypted and without salt?