Currently plain login using PAM as its user database. However, in a containerized or server environment the passwd file is generally kept static, so some other mechanism for managing users is preferred. Also, pam does not by default come with an easy to way to check passwords other than via the passwd/shadow files.
It would be great if there was another authentication method included in drill that was easier to use in a containerized environment.
Reading the usernames and password from a specific file would probably be the simplest mechanism.