It would be cool if one could access the /applet.html page without needing the admin password. A neat solution would be a third password (next to the admin/music pw) so you can grant/revoke access to a friend but don’t automatically enable him/her to trash your library. Or even a set of passwords. 😀
I’ve just recently added the concept of roles for authentication. I do indeed hope to set something up like that in the future, but it will probably be post-stable.