Hi Rob I hope Massimo will consider to incorporate this into Welcome. It is much to the credit of web2py that security is given top priority and it is apt that the default scheme should be a thoughtful implementation.
A well thought out Auth configuration is useful to everyone and the fact that it mirrors Gmail makes it a notable feature. For those that don't like it, it is much easier to disable or water-down than it is to reinvent -- as this thread amply illustrates. Otherwise, as this is more of a configuration rather than an app, I would suggest uploading it as a recipe to web2pyslices. Many thanks, David --