There is a defect in the CRAM MD5 Hex SASL mechanism within the Qpid broker that prevents some passwords from being used to connect from the Qpid 0-8 .Net client. The defect does not affect authentications using the same password from the Java client as it connects using a different SASL mechanism.
The defect seemingly affects about 30% of all possible passwords. It shows no bias towards strong/weak passwords as the defect in the mechanism is after the cleartext has been MD5 digested.
The client sees a 503 exception (Apache.Qpid.Client.AMQAuthenticationException: not allowed) from the new AMQConnection(QpidConnectionInfo) constructor.