We've all been there. We develop a web application that uses the querystring to pass data from a master list page to a detail page. Usually just the ID is passed (just a good programming technique) and you even check and double check the value and type of data so that only the user who is supposed to see it, sees it. But the temptation to change the id for the user is too great and nobody ever likes seeing any type of identifier in the querystring. The solution I've developed simply encodes the querystring name/value pairs so that it is unreadable but can be retrieved and created with relative ease.