I just finished writing a cgi script to allow users to change their login passwords via a webpage. I currently have the webpage being authenticated with the basic option (uuencoded plaintext). MD5 would be nicer, but how many browsers actually support it? When the user changes their password, the form sends their name, old password, and new password with it, in the clear. This is no worse than changing your password across a telnet connection, but I'd like it to be more secure, but useable by a large number of browsers. Any advice? Brian ------- <blane@aa.net> -------------------- <http://www.aa.net/~blane> ------- Embedded Systems Programmer, EET Student, Interactive Fiction author (RSN!) ============== 11 99 3D DB 63 4D 0B 22 15 DC 5A 12 71 DE EE 36 ============