How do I prevent a level1 user from accessing a level2 side of a site after login...and vice versa? I'm also trying to figure out how to maintain logins throughout the site. I imagine I'll need to program cookies, and request them on each page, with a response.redirect "login.asp" if the cookie's not found. I'm thinking that these two issues are related, with a quick fix. Am I right?