Hi,<BR><BR>I&#039;ve found a way to redirect users to login boxes on my site without the login page appearing in the browser history. It&#039;s great for making a tidy site as there&#039;s none of the confusion normally associated with redirecting pages where a user clicks back, only to be redirected straight where they came from.<BR><BR>The trick seems to be that I&#039;m using server.transfer to execute the login box from the current page, then using response.redirect to call what the browser believes is still the current page. I guess you could just refresh the page, but I&#039;m still new to coding.<BR><BR>&#039;Step 1<BR>When you need to call your login page, store the current URL in the session and use server.transfer to call the login prompt:<BR><BR>session.contents("Target") = "currentpage.asp" & request.querystring<BR>response.clear<BR>server.tr ansfer("/login/login.asp")<BR><BR>Note: In C# you could use Request.URL.AbsoluteUri instead of hard coding this for each page<BR><BR>You have to include the entire URL here, including the querystring to fool the browser into believing your page hasn&#039;t changed<BR><BR>&#039;Step 2<BR>Write your login page as normal with a form passing to a validate page<BR><BR>&#039;Step 3<BR>Once the user has been validated, use this code to redirect them back to their original page:<BR><BR>session.contents("Target") = ""<BR>response.redirect(varTarget) <BR><BR><BR>Now, when they click on your page, they will be redirected to a login box. If they click back, the browser will skip the login box and take them straight back to the original page.<BR><BR>Hope you find this useful, any thoughts?<BR><BR>Ross<BR>