I think that using NNTP to change a password (indeed, for anything updating access or security) is a very bad idea. Other more secure protocols should be used both for access and update; the existing AUTHINFO was a temporary hack intended more for user identification than for authentication. - Brian