Password Code Responses

Joan Graham grahamjo at oplin.lib.oh.us
Thu Feb 17 12:04:24 EST 2000


Dear Listees:

I've been asked to summarize the responses I've received to my question:
how to code for entry via a password (the same password being given, in
advance, to all potential users) so that they may access a main site
page, type in the password, and thus enter an individual
password-protected page within the site. Here are some pasted in
answers. One person asked me to pass on anything specifically for unix.
I haven't looked at all these resources yet today, but hope this below
will help.

If everyone will have the same username/password, then it will be
easiest
to use the .htaccess authentication method built into the http protocol.

 You can add unique username/passwords also if you want.  What you
basically do is create an .htaccess and password file and put it in the
directory you want to protect.

Go here for more detailed instructions on how to do this:
http://hotwired.lycos.com/webmonkey/html/97/08/index2a.html?tw=backend

http://faq.web2010.com/htaccess.htm

http://hoohoo.ncsa.uiuc.edu/docs/tutorials/user.html


http://javascript.internet.com/passwords/

The web server Administrator will help you to set up the password to
open
any webpages you want to.

For Apache, it is all based around the .htaccess file and the embedded
"require ..." statement.  See section G of the FAQ, specifically G.2 .

Typically password protection is handled by a server side script, but
since this is a personal web page,
javascript password might work just fine. It may also be the only option
because personal sites dont usually
have permission to run scripts.  Here is a common technique recommened
on the webmonster list. Keep in
mind that users must have javascript turned on to access the protected
part of the site.

Create a form with a password element and a button element (not submit).
Make it look menacing /;-)

using javascript onClick set the window.location.href = to the value of
the password box.

The password is the filename of the page you are going to.  The password
is not listed in the javascript, so
you have some security. The javascript just takes whatever someone types
in the password box and open it
as a web page. They must type "somepage.html" as the password.

Joan Graham



More information about the Web4lib mailing list