Thanks for the idea Everett!
Alas, as I mentioned, unfortunately using $hook, $scriptProperties (it is available to Login), $_POST, etc doesn't get me there. While I can indeed modify the password in these various fields, ultimately it doesn't matter because the login processor doesn't use them at that point in time when the pre-hooks finish up.
It took a LOT of digging and some major help from Bob Ray's book (thanks Bob!) to get me pointed in the right direction. After printing out the code for the various classes in the Login package and scouring splittingred's excellent work for the problem location, I discovered that when it gets down to finally logging in after the pre-hooks complete
(see runLoginProcessor() function in Login.php), the username and password are grabbed from the dictionary object that was created back at the
outset of the Login object when it used the
gather() function
(see logindictionary.class.php) to initially populate a dictionary object tied to the login object.
Any password fields I tweaked outside of this dictionary was meaningless, as the runLoginProcessor() only cared what was currently in the dictionary object at the time the function finally invokes.
Thankfully, I noticed that while the $scriptProperties wouldn't get me the dictionary directly, I could get a reference to the Login object itself. Once I had that, I figured out I could walk it down through the controller to the dictionary, and bang, I'm in! W00t!
$login =& $scriptProperties['login'];
$loginContoller =& $login->controller;
$loginDictionary =& $loginContoller->dictionary;
$loginDictionary->set('password',$decryptedPassword);
The pre-hook(s) can then finish, the runLoginProcessor() kicks in a pulls the credentials from the dictionary object, and ta-da! Finito!
Seems to be working fine now. If anyone spots a
gotcha in this method I missed (or a better way to get there), please let me know. Thanks again all for the help! MODx rocks!