Don't let me keep you from RedAlert 2
The index.cfm page is merely a series of <cfinclude template> statements. The includes are activated based on the fuseaction value passed in the URL. The app_locals.cfm template, which is included on each page, is thus:
<cfinclude template="app_globals.cfm">
<!--- default setting for the fuseaction --->
<cfparam name="attributes.fuseaction" default="dspLogin">
So when the index.cfm is called without a fuseaction value, the login should display.
That code is:
<table border="0" cellspacing="5" align="left">
<cfform action="index.cfm?fuseaction=actLogin" method="POST" enablecab="No">
<tr>
<td colspan="2"><p><h3>Quist Extranet Login</h3></p></td>
</tr>
<tr>
<td valign="top"><font size="-1">Username:</font> <cfinput type="Text" name="username" message="Enter in your username before proceeding" required="Yes"></td>
<td valign="top">
<cfif IsDefined("attributes.username"

OR IsDefined("attributes.password"

>
<div align="center"><font size="+1" color="Red">Login failed, please try again.</font></div>
</cfif>
</td>
</tr>
<tr>
<td colspan="2"><font size="-1">Password:</font> <cfinput type="password" name="password" message="Enter in your password before proceeding" required="Yes"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" value=" Proceed >> "></td>
</tr>
<tr>
<td><a href="
here for QuistFinancial.com</a></td>
</tr>
</cfform>
</table>
Nothing is required to begin this page in terms of session.values.
Thanks again for your poking around on this.