To validate an user somewhere should be the encrypted passwords .. where ? .. Kerberos is used to authenticate users when they log into an Athena workstation. It is a distributed security system that does not require that each user have an encrypted password stored on every workstation. I would suggest that you read up on some of the packages used by Athena. Hesiod and Kerberos would be a good start. You can find papers on these that were written for the 1988 winter Usenix conference via ftp from athena-dist.mit.edu in pub/ATHENS/usenix. You can also find source distributions on athena-dist, but remember that US export restrictions may apply to some of the things you find. Jonathon Weiss jweiss@mit.edu Just in case you were wondering: Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, OLC, X Window System, and Zephyr are trademarks of the Massachusetts Institute of Technology (MIT). No commercial use of these trademarks may be made without prior written permission of MIT.