There is no way to bypass security because the server performs a security check on every single transaction, every time, no exceptions. If you bookmark a URL after login, you are saving the userid and access ticket with which you were accessing the service. If you then reload this URL before the ticket has expired, you can access the service without entering your password again, even if it is not the same browser, etc. Once the ticket has expired, you are prompted to enter your password again. There is no way to make the ticket not work from a different browser, and I am not sure why you would want to do this. There is an option to make tickets not work from other IP addresses, but it is off by default since it usually prevents people behind a proxy from using the web interface. Eric