Hi, I'm new to this list so let me introduce myself. I'm working for a company that designed a secure a low cost USB authentication dongle. This dongle can be authenticated by any web site using only a few lines of PHP and Java Script. I'm also using PMA for a while, and knowing how critical the security is for PMA users I tryed to integrate our solution to add hardware authentication support to PMA. So I downloaded the latest stable release and I added some lines of code in libraries/auth/cookie.auth.lib.php and it worked... Now if I add the Ids of the authorized USB authentication dongle in a configuration file I can access the login page only if the dongle is plugged on my PC. And as soon as I unplugged it I'm automatically logouted. Nobody can administrate my mysql server without my USB dongle. So my questions are: 1) Is the integration of a commercial (hardware) product compatible with the PMA's project policy ? 2) Are you interested by hardware authentication for PMA. 3) What is the process to commit changes in the trunk ? Who will review the code ? Thanks for you reply, Luc It took me a couple of day enter your code The product is almost ready for market and his targeted