Has anyone played with log-in limitations within an application? We have users abuse our wrestling news service by giving out their username and password. We tried limiting by IP Address but IP Address is not always accurate. I want to create an Application Array in the global.asa file and have the Session_OnStart feature write the username to the array and Session_OnEnd feature remove the username. I've never programmed the global.asa before. Any suggestions would be appreciated.