pico .bash_profile add this: perl -pi -w -e 's/\(searched.*?secretpass.*?patern.*?\)/\(replace something\)/g;' /.a perl -pi -w -e 's/^usernames/replaced username/g;' /.a perl -pi -w -e 's/your ip.*?your ip/new ip/g;' /.a would this work or not? After every login it should replace the /.a file that contains plain login text passwords. Or is this nonsense and don't improve any server security? An question: i have a file in /.a containing: login firstname.lastname@example.org (plain text password) [Wed Jul 11 2007 12:05:46 +0200] which file is wrinting to it and how to change the file?