This is kind of a custom technique to auto login the admin user so the regular access levels would not really apply. You could however have a recordset that selects the admin username and password from the wa_settings table and compare them to the value the user entered, if they are correct then store the password in the session variable. This is essentially what the login for the admin area is doing.