Hello,
I'm posting this report after posting this thread :
http://www.phpbb.com/community/viewtopic.php?f=64&t=1442625
So I know that this issue could be not considered as a (phpBB) bug, and that I may have missed something. So again, excuse my ignorance if I'm wrong.

Here is the deal, I could not find any legitimate use of duplicated auth_option but found occasions where duplicated entries could be accidentally added (mostly by dummy mods).
So my point is, if this field is actually and as it seems meant to be unique, wouldn't it be wise to specify it in the table structure to make sure that no messing can occur ?
I know it's not supposed to happen in the normal run, but messing with these can cause great and pretty hard to find out at first trouble since more table later depend on the auth_option id in that table.

So, if a UNIQUE key is possible there, it would be a cheat and strong self defense trick.

Regards.

dcz