please help! i just found this today, by accident -- I was adding a pc to the domain and when prompted for the username/password i left both fields blank and pressed enter...and it worked. i just tested a blank username and password on our vpn and it worked as well!!! how is this possible??? is there somewhere I can look to see what it is and turn this damn hole off? thank you!!!!!!!!!!!