A security hole in BlogEngine.net was just revealed that allows anyone to see passwords... http://dannydouglass.com/post/2008/...cript-HttpHandler-Serious-Security-Issue.aspx http://www.codeplex.com/blogengine