Bypass functionality uses a hashed secret key to provide security.
With reporting level 3 and the HTML template, maximum security is provided by using a different hashed secret key each time. This behavior of choosing a fresh key every time is specified by omitting this option (or specifying it as the empty string).
With reporting level values other than 3 and CGI programs
that must generate the bypass URL,
such randomization won't work.
So it's possible rather than generating a random key each time
to explicitly specify one key to be used every time.
It must be more than 8 chars, for example
bypasskey = 'Mary had a little lamb.'
or bypasskey = '76b42abc1cd0fdcaf6e943dcbc93b826'
.
The same functionality is provided for pages that are virus infected (rather than denied because of content) by the configuration option infectedbypasskey, with the same possible settings.