Be careful not to sound too gleeful, lest you play into the evil nasty hacker stereotype. Keep the focus on the fact that real encryption is both possible and highly desired; the bad guys are lazy programmers and the US Government. I have sent a pointer to the sci.crypt article to the win95netbugs list, which currently has eight Microsoft employees and nine major computer magazines on it. I might mention it to Microsoft's "technical people" when they drop by next week to address our networking concerns. The answer, for anyone desiring one, is to turn off Win95's "multiple user profiles" features, turn off "encrypted password caching," and advertise the fact that Win95 is a totally insecure single-user OS, and will continue to be so as long as it uses the 1970's-vintage FAT file system. If real security is not available, the goal should be to eliminate the false sense of security that encourages people to leave sensitive files out in the open. -rich