There is a new RSADSI newsletter called "CryptoBytes". One of their articles in the fist issue is about use of MD5 for authentication. Perry