Password Protect Your Web Page

Hosmer23 0 Tallied Votes 756 Views Share

A handy code that brings up a password window to keep others off of the web pages you choose.

<script language="JavaScript">
var password;
var pass1="PASSWORD-HERE";
password=prompt('Whats The Magic Word?',' ');
if (password==pass1) alert('That Is Correct!');
else {
  window.location="SITE-LINK";
}
</script>
Randy Epperson 0 Newbie Poster

I'm really new to Javascript so please pardon this naive question - if the value of the password is posted in line 3 and anyone can view the source of a page, how is the password protected?

Thanks

Mohan0704 0 Newbie Poster

You can make a new .js/.jse file and make variables containing the password. Still, you can get into it. Try to make it as secure as you can. But it wouldn't be worth it for just 1 web page...

Mohan0704 0 Newbie Poster

You can make a new .js/.jse file and make variables containing the password. Still, you can get into it. Try to make it as secure as you can. But it wouldn't be worth it for just 1 web page...

Mohan0704 0 Newbie Poster

sorry for the last post, my browser was laggy/not responding

auvi1 0 Newbie Poster

It does not work

DealthRune 2 Light Poster

Try encrypting the password...

DealthRune 2 Light Poster

Also, try this script

<html>
<head>
<script type="text/javascript">


var pass1='password';
var password=prompt("What's the magic word?","");
if (password==pass1)
  {
  document.write("Correct!");
  }else{
  document.write('Incorrect!')
  }

</script>
</head>
<body>

</body>
</html>
jpdude11 0 Newbie Poster

help me please i do not know javascript well; how would you do multiple passwords its for a project

dlannetts 0 Junior Poster in Training

hey ummm, can't you right click and "view source", read through and just get the password, or havee l missed the point?

Hanabusa 0 Newbie Poster

I need help too , I yes dont one no one to see my page only people i one them too see it

almostbob 866 Retired: passive income ROCKS

if you must use javascript, javascript security is a joke
hash the password, and only put the hash in your file
then hash the entered password and compare the hashes
it is more difficult to work an md5 or sha1 backwards to get the text

security is usually configured at the server
an ajax call to verify the password, or submitting the page for server verification is preferred to anything clientside

Hanabusa 0 Newbie Poster

So easily got it now

EvolutionFallen 107 Junior Poster

Personally if you're using Apache I'd just use htpasswd with .htaccess

almostbob 866 Retired: passive income ROCKS

.htaccess .htpassword is less efficient than per user access control through settings stored in the database with the user details.
The reason why all access controlled sites use this method instead of .htpassword.
What we do personally, becomes irrelevant when the site is not personal, still use .htpassword to further lock admin-only folders, belt and braces approach

EvolutionFallen 107 Junior Poster

If I'm understanding you correctly, bob, I completely agree with you that htpasswd is less efficient with more users. However if you're going to store a single pw in the code why not use htpasswd instead?

NeakUp 0 Newbie Poster

So im using the code at the top of the page and it works great in every browser but internet explorer. It just auto redirects like you type the incorrect password in. Any help would be much appreciated.


I figured it out. I had to add it to a trusted list so that my computer trusted the site. I wonder if there is another work around on that.

stjhess 0 Newbie Poster

is there any way to embed the window in the page?

StephenHarry 0 Newbie Poster

Can we use this code in any language , means is this code is compatible to other languages or not.

MidiMagic 579 Nearly a Senior Poster

You certainly can. That is as secure as having a guard snail on duty.

bsemekanik 0 Newbie Poster

thank you

bob ★ 0 Newbie Poster

hi codes work :) ★★★★★ go daniweb! ©2011 bob★ ★☆★☆★☆★☆

teedoff 3 Posting Pro

Also, I dont recommend using javascript ONLY for any page protection/security.

Page security should be left up to server-side languages that are "stripped out" before the browser renders the html. Just my opinion though.

alexispreatori 0 Newbie Poster

What good can it do by putting a password at the very start of your website? Anyway this can help, it's from pageresource.com/jscript/jpass.htm


<

HEAD>
<SCRIPT language="JavaScript">
<!--hide

var password;

var pass1="cool";

password=prompt('Please enter your password to view this page!',' ');

if (password==pass1)
  alert('Password Correct! Click OK to enter!');
else
   {
    window.location="http://www.pageresource.com/jscript/jpass.htm";
    }

//-->
</SCRIPT>
</HEAD>
cssMFCpro 0 Newbie Poster

As a reply for those who does't have any knowledge of html/css and programing language (php e.g) "if/else" are php base functions AND WILL NOT WORK ON simple basic html/css web pages (certanly not on Blogger free platform)

 <script language="javascript">
 function pasuser(form) { 
 if (form.id.value=="secname") {
if (form.pass.value=="secpassword") { location="urlhere" } 
 else { alert("Wrong Password") } } else { alert("Wrong Username") } }
 </script>
 <form name="login">
 Username: <input name="id" size="16" type="text">
 Password: <input name="pass" size="16" type="password"><input value="Login" onclick="pasuser(this.form)" type="button">
 </form>

Change secname and secpassword with what you want. This will work on individual webpages. urlhere? add your link webpage http address

MidiMagic 579 Nearly a Senior Poster

What happens if the user turns off Javascript? He gets into the page with no password.

pixelsoul 272 Red Pill Featured Poster

This is like "pretending" a screendoor is secure. You should never rely on Javascript for security.

vickers_81 0 Newbie Poster

with reference to

As a reply for those who does't have any knowledge of html/css and programing language (php e.g) "if/else" are php base functions AND WILL NOT WORK ON simple basic html/css web pages (certanly not on Blogger free platform)

>  <script language="javascript">
>  function pasuser(form) { 
>  if (form.id.value=="secname") {
> if (form.pass.value=="secpassword") { location="urlhere" } 
>  else { alert("Wrong Password") } } else { alert("Wrong Username") } }
>  </script>
>  <form name="login">
>  Username: <input name="id" size="16" type="text">
>  Password: <input name="pass" size="16" type="password"><input value="Login" onclick="pasuser(this.form)" type="button">
>  </form>

Change secname and secpassword with what you want. This will work on individual webpages. urlhere? add your link webpage http address

how do i add additional users?

Please don't use this on anything that is truly important, or high risk. There are frameworks, tools, and other methods available to help you protect your site with very little effort. I'm not sure how you would do this safely in pure JavaScript, but on my site the couple passwords I need are either hashed or encrypted, and contained in a private file or database. I'm not saying that makes the site hack-proof, but its certainly better than storing them, and sending them over the wire, in plain-text. It's just like MidiMagic said.

dasabel100 0 Newbie Poster

dlannets,
You cannot view the source of the page by right clicking, but you can view it in any other way.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.