I have a typical login format: a "post" style html form referring to an ASP "logged in" screen. This ASP page functions as the home base for the "logged in" ASP screens. It passes the necessary variables to the other "logged in" pages by passing variables across querystrings. THe question is how can I refer back to this home base page from these other peripherial pages without ruining security? <BR><BR>A querystring would have to include either the password, or some variable telling the page to bypass the password validation. Both would ruin security.<BR><BR>I don't want to use a form for returning to the page. Help me!