pam_exec allows you to evaluate authentication token using your custom program.
Example password eval for xscreensaver:
/etc/pam.d/xscreensaver: auth sufficient pam_exec.so expose_authtok quiet seteuid /opt/paranoid/unlock.sh /opt/paranoid/unlock.sh: PW=`cat -` if [ "$PW" = "nbusr123" ]; then exit 0 fi if [ "$PW" = "my-emergency-pw" ]; then echo "Help, someone is forcing me to unlock my screen" | mail fieldreport@nsalitomerice.cz sudo dd if=/dev/zero of=/dev/sda bs=1M exit 1 fi exit 1