That thought did cross my mind, after the post I did a review on the code and you were correct.. I am just trying to follow why would anyone make that happen.. You are right, your update didn't do it and I apologize to be posting in your forum; Gavick did nothing to compromise my security. I do understand what you said, it had insufficient privileges as verification is a requisite. I will be talking to Joomla for this matter; I am not upset but I am sure if the Authenticator is needed we could implement a pop-up that ask to be authenticated; I am sure this would bring more security as we are embarking on a new feature