Rick, You are absolutely right on all accounts. The only problem is that I am a one man shop and I simply don't have the resources to have multiple distributable. I prefer taking the risk of folks hacking my software then have multiple distributable.
What is that saying, a lock only keeps the honest man honest. Those that are going to steal my code are going to steal it no matter what I do, well I could go to extremes to protect my code, it just isn't that widely used to be worth the effort. I did find what appears to be a good workaround last night after posting the question: My handler checks to see if the authentication is set to basic, if not, my handler is declined, thus, in theory stopping my handler from running if the user removes the AuthType from the location where the hander is set. I would still prefer to hide the setting, but if there is a even better way, I am all ears! Sam