Since Sunil's mail took matters to one extreme, I have no choice but to respond with the other! (i) There is absolutely no reason to have any confidential stuff on your account---its a free country so we should have free and transparent flow of information. So it is your fundamental duty to ignore all messages regarding security since these may (just may) actually allow your colleagues and/or your system adminstrator to actually implement a security policy---a clear violation of freedom to information! (ii) If by any chance you do want to violate rule (i) and want to have any confidential stuff on the computer then again ignore all messages about security since otherwise you wouldn't be able to blame anyone if someone gets that confidential stuff. If you can't see the hacker/cracker/spoofer or whatever he/she/it can't exist. (iii) Use all possible features like rhosts files, xhosts +, remote telnets, sending passwords by mail, putting your password on your home page (yes some have been known to do this!) to enable anyone and everyone to use the system. After all if the taxpayer paid for it surely the taxpayer has a right to use it! (iv) And I forgot passwords. Choose a password such as your login or even "login" or your name---something which you just can't forget even by chance since who wants to bother that busy system administrator (and look like a fool) admitting that you chose too complicated a password to remember. (v) Regarding denial of service, why worry. In any case the service is more often denied by ERNET or VSNL than by a hacker. Secondly, no one actually pays for this service it comes out a humoungous Institute budget. If a hacker tries to hack into your Home VSNL account which you paid real money for then let him/her beware. (vi) Finally, remember that it is only the hacker that keeps the net alive. If we didn't have hacker and virus stories why, we might actually do some computations or right some worthwhile software or perhaps successfully have a freely flowing communication system over the internet. What would all those ssh, sendmail, bind and tcp wrapper program writers and installers do then? Regards, Kapil.