In my sidebar I do: (:if authid:) (:CustMenu:) (:ifend:) CustMenu - embedded in a local recipe - then uses $AuthId for authentication. My question is simply whether this is secure? And, if not, what I should be using instead. (I can, of course, do it myself, but I'd remain committed to the PmWiki Way ;-) ) Thanks. -- Best, Marc