Tuesday, Tuesday, February 05, 2002, 12:01:50 PM, Robert L Mathews wrote: > a) writing down this password for later use as their "password"; or > b) not reading the message properly and trying to use their own > "password" on the approval page.
I can verify that both of these events actually do occur, and semi-regularly. To be honest, I'd rather see the authorization "password" or code, whatever you want to call it, passed as a part of the URL. The user has to affirmatively approve the transfer on the next page anyway. I know, I know, we've had that discussion in the past, I still think it is a good idea :) -- Best regards, William X Walsh <[EMAIL PROTECTED]> -- OpenSRS installation and customizations Payment Processing Integration Apache Installation and Support Services http://www.wxsoft.com/
