Need html for Password Protected Page

[Brazzell Marketing]

Here's a great javascript for password protecting a page, but I need a better one. Can anyone help?

What I am using now is:

<script language="JavaScript">
<!--hide
var password;
var pass1="LetMeIn";
password=prompt('Enter your password to view page.',' ');
if (password==pass1)
{ location="http://www.Password-Protected-Page.html" }
else {
window.location="http://www.WrongAnswer.com";
}
// end hide--> </script>


It's not terribly secure, but all I want to do is keep out the lookyloos. The problem is that too many of the people I want to use this page have JavaScripts disabled on their browsers, and it's too hard telling each of them how to find and fix this on their respective browsers. I was wondering, is there a way to do something similar with a standard html form? If I can cut and paste some code like this, I would love that. If I have to create a database on my server, I'll just hire someone to build the security for this site. Feel free to PM me if you want to quote building the security feature.

[Hades]

You should not use HTML/Javascript for password protection.

Do you have console access to the server? you can set up a .htaccess file to do a very basic password protection without doing any DataBase work. Follow this guide and it could take you about 10 minutes.

If you need help to do it just ask.

Regards.

[Costin Trifan]

Hades is right here. Never, and I mean NEVER, use javascript to password protect a page.

You'd have no way to prevent a user from getting that password from your script. Even if encrypted, yes. Unless you develop your own encryption algorithm, but I doubt you want to go there

[htmlbasictutor]

What if the user has scripting turned off?

[Betmenko]

Quote:

Originally Posted by Costin Trifan

Hades is right here. Never, and I mean NEVER, use javascript to password protect a page.

You'd have no way to prevent a user from getting that password from your script. Even if encrypted, yes. Unless you develop your own encryption algorithm, but I doubt you want to go there

yep only if he thinks of making ajax login but this is completely different.
javascript password can break 90% of internet users

[Costin Trifan]

An ajax login system would most of the time require some server-side backend so it wouldn't be only javascript anymore; just like you said, it would be completely different.

[Brazzell Marketing]

Thanks, Hades. I think that is what I was looking for.

The javascript that is there now is the equivalent of one of those little locks on a desk drawer. It says "stay out," but anyone with bad intentions could jerk it open if they really tried. We understood that when we put it in place. We would have been happy with the low level of security for the non-sensitive materials we had on the page, but the javascript is turned off on just too many browsers. Hades option looks much better going forward. Thanks again.