1) If you are accessing your iSeries over the Internet, user ids and passwords as well as data will flow in clear text unless you encrypt the transmission. You can configure the iSeries Access (aka Client Access) Servers to use SSL to encrypt the flow of data. Another solution is to set up a VPN and then open iSeries Access on top of the VPN connection. 2) The biggest problem with FTP is that the server can only handle usernames and passwords in plain text. This is one of the reasons why the root account cannot be used for FTP access on most servers. Usernames and passwords are not the only things that are sent over clear text. The files themselves are uploaded or downloaded without any encryption at all. That online store you buy your birthday gifts from might give you an HTTPS page to enter your credit card, and their accountants maybe downloading the card details over FTP. I hope this helps. =============================================================== Characters typed into a telnet screen are sent as text characters. It doesn't matter if they're names, addresses, inventory amounts or passwords that are non-display. Everything on every telnet screen is sent as clear text. That's why 'bypass signon' should always be used and why connections should be ended rather than signing off back to the standard signon panel. Always send the user and password through a TN5250E connection request rather than through a green-screen signon panel. The same can be said for FTP. Whatever is sent through the FTP script or returned in response is clear text. If you allow access to telnet signon panels or FTP in your network, you should assume that anyone with network monitoring hardware or software has access to all profiles and passwords. Telnet over SSL (or VPN) or a secure FTP can minimize risk. Tom

1) If you are accessing your iSeries over the Internet, user ids and passwords as well as data will flow in clear text unless you encrypt the transmission. You can configure the iSeries Access (aka Client Access) Servers to use SSL to encrypt the flow of data. Another solution is to set up a VPN and then open iSeries Access on top of the VPN connection. 2) The biggest problem with FTP is that the server can only handle usernames and passwords in plain text. This is one of the reasons why the root account cannot be used for FTP access on most servers. Usernames and passwords are not the only things that are sent over clear text. The files themselves are uploaded or downloaded without any encryption at all. That online store you buy your birthday gifts from might give you an HTTPS page to enter your credit card, and their accountants maybe downloading the card details over FTP. I hope this helps. =============================================================== Characters typed into a telnet screen are sent as text characters. It doesn't matter if they're names, addresses, inventory amounts or passwords that are non-display. Everything on every telnet screen is sent as clear text. That's why 'bypass signon' should always be used and why connections should be ended rather than signing off back to the standard signon panel. Always send the user and password through a TN5250E connection request rather than through a green-screen signon panel. The same can be said for FTP. Whatever is sent through the FTP script or returned in response is clear text. If you allow access to telnet signon panels or FTP in your network, you should assume that anyone with network monitoring hardware or software has access to all profiles and passwords. Telnet over SSL (or VPN) or a secure FTP can minimize risk. Tom