The project is currently released under GNU GPL. However, I feel it's necessary to relicense to the Affero GPL for two main reasons
- Firstly some improvements haven't been contributed back. Whilst legal under the GPL, it's not really in the spirit of Open Source
- Secondly, the 'at risk' group is the users who's passwords are being stored. I believe, therefore, they have a right to be able to inspect the source so that they can assure themselves of the security in place around their credentials.