Greetings I have posted on this topic in the past and made a formal feature request on bugtrak as well. I am posting this again based on some threads in other forums (security issues) and from experience with Web GUI's with enterprise class products. Once you Authenticate with DD-WRT (or Linksys code), your browser will not prompt you for a password again - even if you close the page and re-enter the admin GUI. In a tabbed browser like IE7 or FF, you can close the tab, open a new tab and type your router URL and not be challenged for a password. This condition continues UNTIL you exit your browser and restart. This is a security exposure. Any Enterprise class Web interface will time your session out and force a re-authentication. This should be a simple thing to implement in V24 - and should be considered for V23 as well. Comments??