Has anyone ever used the RC4 encrytion algorithm in ASP. It works fine, but what is the story with the key? At present I am using the same key for every encryption, should I be generating a new key each time I encrypt something? Is it sage to pass the actually key in the encrypted text? Thanks MD