The big question is HOW can anyone steal from your account? Persistent session cookies. Those session ID things expire after 10 or 15 minutes, so thgey're not a major security risk. Except that they don't always time out correctly. except once you've caught one, you can keep it going as long as you like. Exactly. Not very professional, in my opinion. C'mon, this IS Renderosity we're talking about. at least wait to hear what the admins have to say about the issue Fair enough, but they've known about this for years now. be sure to complain at DAZ and PoserPros and all of the other sites that use SessionID's I've never seen another site with SessionIDs that were quite as risky and sloppy as the ones here. DAZ has you re-login (I believe). Other sites have more efficient timeouts. There are ways to code session cookies so that they're not as vulnerable to this sort of thing. bonni

"When a man gives his opinion, he's a man. When a woman gives her opinion, she's a bitch." - Bette Davis