The fact that you get warnings when visiting sites using test id's and pins seems to me to be correct behavior but maybe I don't understand your expectations. Vault actual doesn't store your info just a mathematical representation of it. It then is supposed to check the hash total of information leaving for a site or via email and warn you. Seems to me it did just that. Did you click deny? Did it send it anyway? Do you have a log of what was actually sent after deny? The saga of the ZA vault is long and complex so if you want a little mis-understanding look at this forum's posts as far back as last summer. I have been contributing here on this subject for quite a while. I don't use the ZA suite so when I comment from a base of ZA Pro 7 only I may be "out-of line again". But I would bet that the ZA vault works exactly the same way in Pro as it does in the suite. What follows now is IMHO. I have concluded that putting information in the vault does no harm, it is just labour intensive. If you reinstall the software the vault disappears and you would have to re-enter it. More work. Your test is yet another example in a long series of possible leaks. My conclusion yet to be proven wrong by anybody who works for ZA itself is: DO NOT RELY ON THE VAULT, IT LEAKS INFORMATION. IT ALSO GIVES USERS (you and others) A FALSE SENSE OF SAFETY! The problem now is I may be banned from ZA user forum for saying an opinion. It has happened to others. I am on other forums if you need my and other views just Google on Escalader and there I am. I will post this elsewhere in case that happens. Good luck to you.