> SHOULD use TLS, SHOULD NOT use cleartext (but could). ^ or any other security mechanism providing for encrypted exchange of authentication credentials. Jeff