> 1) What prevents someone from getting into the manage > screens by cracking the admin username:password? Are failed > login attempts logged anywhere? If not, is there any way to > log them short of hacking the zope python code? The failed attempts are logged as "401" errors. J