...and security, access-controls, etc. have to have a transparency and ease-of-use factor such that legitimate users don't actively attempt to bypass it themselves. :-) - ferg -- Sean Donelan <sean@donelan.com> wrote: Donn S. Parker pointed out controls are ineffective without user cooperation. According to an AT&T sponsored survey, 78% of executives admitted to opening attachments from unknown senders in the last year, 29% used their own name or birthday as a "secure" password, 17% accessed the company network in a public place and didn't log out, 9% informally shared a network password with someone outside of the company. http://www.att.com/news/item/0,1847,13137,00.html The survey included relatively few people, 254 executives from Europe, North America ans Asia-Pacific regions. -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg@netzero.net or fergdawg@sbcglobal.net