The forum and the NL website have seperate databases, but within the same MySQL process, so (after adjusting permissions as nessecary for the MySQL "users") it would be very little work to check the forum database to validate the login. This could either be referenced whenever nessecary, or copied across to the NL website database on first login (and maybe updated either via a daily refresh, or just each time the user logs in). I don't think there'd be a particularly huge difference in performance between the two; the former would be a bit lighter on storage (but the difference would be almost negligable). As an added layer of security, since this would be my own code rather than widely-used open source code, I'd give neolemmix.com's "user" read-only access to the forum database - if possible, only to the relevant parts (which would pretty much just be the "users" table, I think).
Even if they were in seperate databases, this would not be a huge obstacle. The way Nearly Free Speech (the hosting provider both the forums and neolemmix.com are hosted with) works for MySQL, is that the MySQL processes are tied to the user (in this case, me), not to any specific website. Even a completely unrelated site could theoretically access it as long as it was hosted on Nearly Free Speech - if you overlook that they'd need to know the "server" name, the username and the password for it.
Passwords have the standard SMF hashing, which IIRC is an MD5 of the password, the username, and a salt value. I've successfully replicated this before, back when I made the short-lived and not-very-widely-used replay database.