diff --git a/README.md b/README.md
index 8c4641b..f46e728 100644
--- a/README.md
+++ b/README.md
@@ -59,10 +59,78 @@ there are separate release files for Windows, macOS and Linux.
 Users who want to make changes to IBC should clone this repository
 in the usual way.
 
+Setup and Usage
+---------------
+
+### Environment Variables for Credentials
+
+For security, you can specify your Interactive Brokers credentials using environment variables instead of hardcoding them in the configuration file:
+
+```bash
+export TWSUSERID="your_username"
+export TWSPASSWORD="your_password"
+```
+
+For FIX CTCI Gateway:
+
+```bash
+export FIXUSERID="your_fix_username"
+export FIXPASSWORD="your_fix_password"
+```
+
+These environment variables will be read by the startup scripts (`gatewaystart.sh`, `twsstart.sh`, etc.) and override any credentials in the `config.ini` file.
+
+### Configuration File
+
+Edit the `config.ini` file to set your preferences. Key settings include:
+
+- `IbLoginId` and `IbPassword` - Your IBKR credentials (or use environment variables)
+- `TradingMode` - Set to `live` or `paper`
+- `FIX` - Set to `yes` for FIX CTCI Gateway
+
+See the comments in `resources/config.ini` for all available options.
+
+### Running the Scripts
+
+**Linux/macOS:**
+
+Start Gateway:
+```bash
+./resources/gatewaystart.sh
+```
+
+Start TWS:
+```bash
+./resources/twsstart.sh
+```
+
+Other useful scripts:
+- `./resources/stop.sh` - Stop IBC
+- `./resources/restart.sh` - Restart IBC
+- `./resources/commandsend.sh` - Send commands to running IBC
+
+**Windows:**
+
+Use the `.bat` equivalents in the `resources` folder:
+- `StartGateway.bat`
+- `StartTWS.bat`
+- `Stop.bat`
+- `Restart.bat`
+
+### Script Configuration
+
+Before running, edit the script files to set:
+
+- `TWS_MAJOR_VRSN` - Your TWS/Gateway version number
+- `IBC_INI` - Path to your config.ini file
+- `IBC_PATH` - Path to IBC installation
+- `TWS_PATH` - Path to TWS/Gateway installation
+- `LOG_PATH` - Where to store log files
+
 User Guide
 ----------
 
-Please see the [IBC User Guide](userguide.md) for installation and
+Please see the [IBC User Guide](userguide.md) for complete installation and
 usage instructions. The User Guide is also included as a PDF file in the
 download ZIPs.
 
diff --git a/resources/IBC.jar b/resources/IBC.jar
index 639b926..d919f4e 100644
Binary files a/resources/IBC.jar and b/resources/IBC.jar differ
diff --git a/resources/StartGateway.bat b/resources/StartGateway.bat
index c88d8da..a23c148 100644
--- a/resources/StartGateway.bat
+++ b/resources/StartGateway.bat
@@ -31,7 +31,7 @@ setlocal enableextensions enabledelayedexpansion
 ::=============================================================================+
 
 
-set TWS_MAJOR_VRSN=1019
+set TWS_MAJOR_VRSN=1037
 set CONFIG=%USERPROFILE%\Documents\IBC\config.ini
 set TRADING_MODE=
 set TWOFA_TIMEOUT_ACTION=exit
@@ -62,7 +62,7 @@ set HIDE=
 ::
 ::       Build 10.19.1f, Oct 28, 2022 3:03:08 PM
 ::
-::     The major version number is 1019 (ie ignore the period after the first
+::     The major version number is 1037 (ie ignore the period after the first
 ::     part of the version number).
 ::
 ::     Do not include the rest of the version number in this setting.
diff --git a/resources/StartTWS.bat b/resources/StartTWS.bat
index 3457b51..31e41c4 100644
--- a/resources/StartTWS.bat
+++ b/resources/StartTWS.bat
@@ -29,7 +29,7 @@ setlocal enableextensions enabledelayedexpansion
 ::=============================================================================+
 
 
-set TWS_MAJOR_VRSN=1019
+set TWS_MAJOR_VRSN=1037
 set CONFIG=%USERPROFILE%\Documents\IBC\config.ini
 set TRADING_MODE=
 set TWOFA_TIMEOUT_ACTION=exit
@@ -58,7 +58,7 @@ set HIDE=
 ::
 ::       Build 10.19.1f, Oct 28, 2022 3:03:08 PM
 ::
-::     The major version number is 1019 (ie ignore the period after the first
+::     The major version number is 1037 (ie ignore the period after the first
 ::     part of the version number).
 ::
 ::     Do not include the rest of the version number in this setting.
diff --git a/resources/commandsend.sh b/resources/commandsend.sh
index caeaee6..6269472 100644
--- a/resources/commandsend.sh
+++ b/resources/commandsend.sh
@@ -32,6 +32,6 @@ if [[ -z "$1" ]]; then
 fi
 
 # send the required command to IBC 
-(echo "$1"; sleep 1; echo "EXIT"; echo "quit" ) | /usr/local/bin/telnet "$server_address" $command_server_port
+(echo "$1"; sleep 1; echo "EXIT"; echo "quit" ) | /usr/bin/env telnet "$server_address" $command_server_port
 
 
diff --git a/resources/gatewaystart.sh b/resources/gatewaystart.sh
index f7a48f7..abb4bce 100644
--- a/resources/gatewaystart.sh
+++ b/resources/gatewaystart.sh
@@ -18,18 +18,18 @@
 #=============================================================================+
 
 
-TWS_MAJOR_VRSN=1019
+TWS_MAJOR_VRSN=1037
 IBC_INI=~/ibc/config.ini
 TRADING_MODE=
-TWOFA_TIMEOUT_ACTION=exit
+TWOFA_TIMEOUT_ACTION="exit"
 IBC_PATH=/opt/ibc
 TWS_PATH=~/Jts
 TWS_SETTINGS_PATH=
 LOG_PATH=~/ibc/logs
-TWSUSERID=
-TWSPASSWORD=
-FIXUSERID=
-FIXPASSWORD=
+TWSUSERID=${TWSUSERID:-}
+TWSPASSWORD=${TWSPASSWORD:-}
+FIXUSERID=${FIXUSERID:-}
+FIXPASSWORD=${FIXPASSWORD:-}
 JAVA_PATH=
 HIDE=
 
@@ -49,7 +49,7 @@ HIDE=
 #
 #       Build 10.19.1f, Oct 28, 2022 3:03:08 PM
 #
-#     The major version number is 1019 (ie ignore the period after the first
+#     The major version number is 1037 (ie ignore the period after the first
 #     part of the version number).
 #
 #     Do not include the rest of the version number in this setting.
diff --git a/resources/scripts/StartIBC.bat b/resources/scripts/StartIBC.bat
index 8c962ae..b738d99 100644
--- a/resources/scripts/StartIBC.bat
+++ b/resources/scripts/StartIBC.bat
@@ -420,7 +420,13 @@ if defined GOT_FIX_CREDENTIALS (
 ) else if defined GOT_API_CREDENTIALS (
 	set HIDDEN_CREDENTIALS="***" "***"
 )
-	
+
+:: Set credentials as environment variables instead of command-line arguments
+:: to prevent them from appearing in process lists
+if defined IB_USER_ID set TWSUSERID=%IB_USER_ID%
+if defined IB_PASSWORD set TWSPASSWORD=%IB_PASSWORD%
+if defined FIX_USER_ID set FIXUSERID=%FIX_USER_ID%
+if defined FIX_PASSWORD set FIXPASSWORD=%FIX_PASSWORD%
 
 :: prevent other Java tools interfering with IBC
 set JAVA_TOOL_OPTIONS=
@@ -465,17 +471,9 @@ echo Starting IBC with this command:
 echo "%JAVA_PATH%\java.exe" %moduleaccess% -cp  "%IBC_CLASSPATH%" %JAVA_VM_OPTIONS% %AUTORESTART_OPTION% %ENTRY_POINT% "%CONFIG%" %HIDDEN_CREDENTIALS% %MODE%
 echo.
 
-if defined GOT_FIX_CREDENTIALS (
-	if defined GOT_API_CREDENTIALS (
-		"%JAVA_PATH%\java.exe" %moduleaccess% -cp  "%IBC_CLASSPATH%" %JAVA_VM_OPTIONS% %AUTORESTART_OPTION% %ENTRY_POINT% "%CONFIG%" "%FIX_USER_ID%" "%FIX_PASSWORD%" "%IB_USER_ID%" "%IB_PASSWORD%" %MODE% 2>NUL
-	) else (
-		"%JAVA_PATH%\java.exe" %moduleaccess% -cp  "%IBC_CLASSPATH%" %JAVA_VM_OPTIONS% %AUTORESTART_OPTION% %ENTRY_POINT% "%CONFIG%" "%FIX_USER_ID%" "%FIX_PASSWORD%" %MODE% 2>NUL
-	)
-) else if defined GOT_API_CREDENTIALS (
-		"%JAVA_PATH%\java.exe" %moduleaccess% -cp  "%IBC_CLASSPATH%" %JAVA_VM_OPTIONS% %AUTORESTART_OPTION% %ENTRY_POINT% "%CONFIG%" "%IB_USER_ID%" "%IB_PASSWORD%" %MODE% 2>NUL
-) else (
-		"%JAVA_PATH%\java.exe" %moduleaccess% -cp  "%IBC_CLASSPATH%" %JAVA_VM_OPTIONS% %AUTORESTART_OPTION% %ENTRY_POINT% "%CONFIG%" %MODE% 2>NUL
-)
+:: Start IBC without passing credentials as command-line arguments
+:: Credentials are now passed via environment variables (TWSUSERID, TWSPASSWORD, FIXUSERID, FIXPASSWORD)
+"%JAVA_PATH%\java.exe" %moduleaccess% -cp  "%IBC_CLASSPATH%" %JAVA_VM_OPTIONS% %AUTORESTART_OPTION% %ENTRY_POINT% "%CONFIG%" %MODE% 2>NUL
 
 ::======================== Handle IBC exit conditions ==============
 
diff --git a/resources/scripts/ibcstart.sh b/resources/scripts/ibcstart.sh
index 71c579d..a15902e 100644
--- a/resources/scripts/ibcstart.sh
+++ b/resources/scripts/ibcstart.sh
@@ -476,6 +476,21 @@ elif [[ -n $got_api_credentials ]]; then
 		hidden_credentials="*** ***"
 fi
 
+# Set credentials as environment variables instead of command-line arguments
+# to prevent them from appearing in process lists
+if [[ -n $fix_user_id ]]; then
+	export FIXUSERID="$fix_user_id"
+fi
+if [[ -n $fix_password ]]; then
+	export FIXPASSWORD="$fix_password"
+fi
+if [[ -n $ib_user_id ]]; then
+	export TWSUSERID="$ib_user_id"
+fi
+if [[ -n $ib_password ]]; then
+	export TWSPASSWORD="$ib_password"
+fi
+
 # prevent other Java tools interfering with IBC
 JAVA_TOOL_OPTIONS=
 
@@ -504,15 +519,9 @@ do
 	# forward signals (see https://veithen.github.io/2014/11/16/sigterm-propagation.html)
 	trap 'kill -TERM $PID' TERM INT
 
-	if [[ -n $got_fix_credentials && -n $got_api_credentials ]]; then
-		"$java_path/java" $moduleAccess -cp "$ibc_classpath" $java_vm_options$autorestart_option $entry_point "$ibc_ini" "$fix_user_id" "$fix_password" "$ib_user_id" "$ib_password" ${mode} 2>/dev/null &
-	elif  [[ -n $got_fix_credentials ]]; then
-		"$java_path/java" $moduleAccess -cp "$ibc_classpath" $java_vm_options$autorestart_option $entry_point "$ibc_ini" "$fix_user_id" "$fix_password" ${mode} 2>/dev/null &
-	elif [[ -n $got_api_credentials ]]; then
-		"$java_path/java" $moduleAccess -cp "$ibc_classpath" $java_vm_options$autorestart_option $entry_point "$ibc_ini" "$ib_user_id" "$ib_password" ${mode} 2>/dev/null &
-	else
-		"$java_path/java" $moduleAccess -cp "$ibc_classpath" $java_vm_options$autorestart_option $entry_point "$ibc_ini" ${mode} 2>/dev/null &
-	fi
+	# Start IBC without passing credentials as command-line arguments
+	# Credentials are now passed via environment variables (TWSUSERID, TWSPASSWORD, FIXUSERID, FIXPASSWORD)
+	"$java_path/java" $moduleAccess -cp "$ibc_classpath" $java_vm_options$autorestart_option $entry_point "$ibc_ini" ${mode} 2>/dev/null &
 
 	PID=$!
 	wait $PID
diff --git a/resources/twsstart.sh b/resources/twsstart.sh
index e70eef4..6e0d978 100644
--- a/resources/twsstart.sh
+++ b/resources/twsstart.sh
@@ -18,16 +18,16 @@
 #=============================================================================+
 
 
-TWS_MAJOR_VRSN=1019
+TWS_MAJOR_VRSN=1037
 IBC_INI=~/ibc/config.ini
 TRADING_MODE=
-TWOFA_TIMEOUT_ACTION=exit
+TWOFA_TIMEOUT_ACTION="exit"
 IBC_PATH=/opt/ibc
 TWS_PATH=~/Jts
 TWS_SETTINGS_PATH=
 LOG_PATH=~/ibc/logs
-TWSUSERID=
-TWSPASSWORD=
+TWSUSERID=${TWSUSERID:-}
+TWSPASSWORD=${TWSPASSWORD:-}
 JAVA_PATH=
 HIDE=
 
@@ -47,7 +47,7 @@ HIDE=
 #
 #       Build 10.19.1f, Oct 28, 2022 3:03:08 PM
 #
-#     The major version number is 1019 (ie ignore the period after the first
+#     The major version number is 1037 (ie ignore the period after the first
 #     part of the version number).
 #
 #     Do not include the rest of the version number in this setting.
diff --git a/resources/twsstartmacos.sh b/resources/twsstartmacos.sh
index b33583f..bfb9191 100644
--- a/resources/twsstartmacos.sh
+++ b/resources/twsstartmacos.sh
@@ -21,13 +21,13 @@
 TWS_MAJOR_VRSN=10.19
 IBC_INI=~/ibc/config.ini
 TRADING_MODE=
-TWOFA_TIMEOUT_ACTION=exit
+TWOFA_TIMEOUT_ACTION="exit"
 IBC_PATH=/opt/ibc
 TWS_PATH=~/Applications
 TWS_SETTINGS_PATH=
 LOG_PATH=~/ibc/logs
-TWSUSERID=
-TWSPASSWORD=
+TWSUSERID=${TWSUSERID:-}
+TWSPASSWORD=${TWSPASSWORD:-}
 JAVA_PATH=
 
 
diff --git a/src/ibcalpha/ibc/DefaultLoginManager.java b/src/ibcalpha/ibc/DefaultLoginManager.java
index d6326fa..0c68df5 100644
--- a/src/ibcalpha/ibc/DefaultLoginManager.java
+++ b/src/ibcalpha/ibc/DefaultLoginManager.java
@@ -32,12 +32,17 @@ public DefaultLoginManager() {
     }
 
     public DefaultLoginManager(String[] args) {
-        ibapiCredentialsFromArgs = getTWSUserNameAndPasswordFromArguments(args);
-        fixCredentialsFromArgs = getFIXUserNameAndPasswordFromArguments(args);
-        message = "will get username and password from " + 
-                (ibapiCredentialsFromArgs ? "args" : "settings") + 
-                "; FIX username and password (if required) from " + 
-                (fixCredentialsFromArgs ? "args" : "settings");
+        boolean ibapiCredentialsFromEnv = getTWSUserNameAndPasswordFromEnvironment();
+        boolean fixCredentialsFromEnv = getFIXUserNameAndPasswordFromEnvironment();
+        
+        ibapiCredentialsFromArgs = ibapiCredentialsFromEnv || getTWSUserNameAndPasswordFromArguments(args);
+        fixCredentialsFromArgs = fixCredentialsFromEnv || getFIXUserNameAndPasswordFromArguments(args);
+        
+        String ibapiSource = ibapiCredentialsFromEnv ? "environment" : (ibapiCredentialsFromArgs ? "args" : "settings");
+        String fixSource = fixCredentialsFromEnv ? "environment" : (fixCredentialsFromArgs ? "args" : "settings");
+        
+        message = "will get username and password from " + ibapiSource + 
+                "; FIX username and password (if required) from " + fixSource;
     }
 
     public DefaultLoginManager(String username, String password) {
@@ -194,4 +199,26 @@ private boolean getTWSUserNameAndPasswordFromArguments(String[] args) {
         return false;
     }
 
+    private boolean getTWSUserNameAndPasswordFromEnvironment() {
+        String username = System.getenv("TWSUSERID");
+        String password = System.getenv("TWSPASSWORD");
+        if (username != null && !username.isEmpty() && password != null && !password.isEmpty()) {
+            IBAPIUserName = username;
+            IBAPIPassword = password;
+            return true;
+        }
+        return false;
+    }
+
+    private boolean getFIXUserNameAndPasswordFromEnvironment() {
+        String username = System.getenv("FIXUSERID");
+        String password = System.getenv("FIXPASSWORD");
+        if (username != null && !username.isEmpty() && password != null && !password.isEmpty()) {
+            FIXUserName = username;
+            FIXPassword = password;
+            return true;
+        }
+        return false;
+    }
+
 }