Dave, Torben, Thank you very much for the replies.
Torben, I restrict login to https which avoids the doube sign-in issue and prevents sending of cleartext passwords.
I have a heavily customised config.tcl file that I spent ages on so I will have to trawl through and look for any omissions against a new example file.
You are almost certainly right that this is a case of misguided misconfiguration! 😊
I'll have another go.
