Acadia, where is your website? Just how you think a blank text file is going to stop automated scripts from scanning your website is beyond me and I've been hosting for quite some time. A few years in fact. robots.txt is only as good as the people who rely on it. Legitimate search engines do, but hackers don't give a damn about what you want them to see and not see and they don't search your site based on any text files in your root directory. This fear of password or identity theft is a real thing I won't deny, but it's a catch 22 situation. You can always create new passwords for untrusted sites that you don't use elsewhere. I myself maintain the same user name on all my Poser related sites and only change my password from site to site. As for a host's ability to even see your password. Most legitimate forum softwares doesn't even allow the hosts to see your passwords let alone steal them. PHP doesn't allow it that much I'm sure of. I'm not saying someone more skilled in Database structures couldn't dig out the information, I'm just saying it's not readily available to me as a forum host as a feature of PHPBB2.