There seems to be a major security leak in the system here at sjuvm.stjohns.edu and I do not know if it is unique to this system or more widespread. When I make a change to the list header (for example) I am given the option of saving the password to disk and I usually do this. The problem is that when I make a change, the password is echoed to the screen so that anyone passing by can see it. Unfortunately, that is not the most serious problem. When I do an LSVPUT I will be asked for a password and ANYTHING I use will work and be recorded to disk. There does not seem to be any mechanism requiring me to type my old password. Is there some setting I am not making to improve the security? Bob Zenhausern, Ph.D. Internet: [log in to unmask] St. John's University Unibase: [log in to unmask] SB 15 Marillac Phone: 718-990-6447 Jamaica, NY 11439 Fax: 718-990-6705