looks i checked the "remember login" which persisted the auth info on the cookie, but that is supposed to remember login ID only right?

 

in a production box, should we remove the default.aspx, and test.* which looks like some testing code right?

 

thanks!

 

Jack