hide source

experimenta · Apr 29, 2008

i put a simple password script into a site...

it looks like it will work but anyone can simply view the page source and
see the user name and password to copy...

sorry i am a neophyte but is this easily fixable?

thanks

Mike Mueller · Apr 29, 2008

The only way to fix it is to implement a different security method

Ronx · Apr 30, 2008

Ideally you will need to use a server side script, or protected folders.
IF you have FrontPAge extensions on your site, and your host supports
unique permissions and subwebs, then see

http://support.microsoft.com/default.aspx?scid=kb;en-us;301554 (FP2000)
http://support.microsoft.com/default.aspx?scid=kb;en-us;825451 (FP2003)

To Protect individual pages: (Requires Windows Server with support for
ASP and Access database)
http://support.microsoft.com/default.aspx?scid=kb;en-us;825498

A similar technique using PHP and mySQL can be used for individual
pages.

If you must use JavaScript (this is not recommended since it is very
insecure) then the methods outlined at
http://rxs-enterprises.org/tests/jspass/ may be better than the method
you have now.

hide source

experimenta

Mike Mueller

Ronx