Friend, The following information from CIAC Bulletin G-04: X Authentication Vulnerability November 20, 1995 22:00 GMT may be of use to you: If you cannot use DES, you can determine your expo- sure to remote attackers by testing the strength of your rand() function using the program rand-test; the source is available as ftp://ftp.x.org/pub/DOCS/rand-test/rand-test.c Cordially, Jim NOTE. To subscribe to CIAC Bulletin, email to ciac-listproc@llnl.gov the one-line message subscribe ciac-bulletin <your last name>, <your first name> <your phone number> for example: subscribe ciac-bulletin Adolphus, Gustavus 000-000-0000 x00