>If you capture (and compare on future hits) their username and IP address, you could probably come up with enough logic to make sure they are who you think and they can only see their own records.
>
>This would mean some validation on each hit, but your key values could [potentially] remain simple.
>
>Guy

That is an interesting concept. The truth is that sometimes larger clients have organizational units residing in different networks and have, therefore, different IP addresses. That would prevent the "second" hit from viewing the reports.

Also, our clients are frequently agents who share these reports with their clients.