Please share with us how you make sure that the login form can only be used over SSL. Bill. On Wed, 21 Mar 2001, Dario Lopez-K=E4sten wrote: > After we have established an SSL-connection, we use a forms based > login procedure, that sends, in cleartext but over an encrypted > ssl-connection, the username and password. We also make sure that the > login form can only be used over SSL.