Hi All We're in the process of setting up our wireless system to use radius authentication against our usernames/passwords which are stored in LDAP. We have come across an issue in testing the radius server. We are using Freeradius. The way we have this setup is quite standard (I hope). The user associates to the AccessPoint (AP) and is prompted for authentication credentials for access to the network. The AP sends the client's username/password credentials to the Radius server. This connection is secured. The Radius server then attempts to bind to the ldap server (again, a secured connection) using the clients credentials. The issue we have is when running the Radius server in debug mode with full log-level, we see the cilent's username and password in clear-text as it attempts to bind to the LDAP server. Certainly we could change the debug mode level to not see this, but the fact that the ability to see that is available is troubling. I'm sure many others on this list use FreeRadius and I'm wondering what sort of policies you have in place to address this security risk. Anyone with high-level access to the box could certainly login, make a change to the debug level and capture sensitive login information. Any advice/feedback is appreciated. Thanks Matt mda@unb.ca