Don't forget, the radius authentication of PPTP on SME Server was designed for authentication of PPTPD clients only where users can authenticate against their normal password and the request is submitted to Radius. The trust relation between PPTPD and Radius has always been that, a trust relation, based on a 31 long password. No human can remember that, and again it was never designed to remembered by humans. Hence the NFR in bugzilla, for a 31 character password is unworkable when humans are involved.