Anyone may request a change for anyone, but the change does not take place until the e-mail address owner/reader acts on the confirmation e-mail. cheers, wayne Steve Eckard wrote: > Can someone assure me that this url will not let anyone change anyone elses password by simply knowing their email address before our security engineer goes balistic? Apparently a lot of spam is being sent out from possibly people on one of our lists, advertising viagra. I've just begun investigating. Thanks. > > > https://listserv.jmu.edu/cgi-bin/wa?GETPW1=REPORT> >