i don't think pushing two textboxes on people is too big an issue.. point taken garrett, thanks for bringing it up :) .djc. Garrett Coakley wrote: > On Thu, 30 Aug 2001 10:25:10 +0930, "isaac" <isaac at members.evolt.org> > wrote: > > >>It's certainly a valid concern. Not particularly crucial given that >>usernames are listed on WEO openly, but still... >> > > Well, although the usernames are there on weo, you have no way of > knowing who out of the total membership is authorised to access > aeo. I'm thinking more from the point of view of someone outside > of the evolt group. > > For someone with "bad intentions" who has stumbled across aeo, right off > the bat they have a list of people they know who can access this > resource (and even better, it has 'admin' in the url, so there's got to > be something juicy behind the authentication procedure right?). > > Their next step is going to be finding the second half of the key.