How to add a password protection to a web link

senna · 17-Feb-2006, 09:31 PM #1

I am wanting to add a link to my website that when someone clicks on it they have to enter a password to get to the link. How would I go about that?

Thanks,

Senna

xgerryx · 17-Feb-2006, 09:44 PM #2

There is a really basic bit of html code available here: http://www.sbrady.com/hotsource/javascript/passw.html

It is only basic and is easy get around but is alright for a privacy curtain type security.

cnelson04 · 17-Feb-2006, 10:02 PM #3

If you looking for something PHP, heres my code here; http://www.visionstudios.be/phptut1.php its extremly easy to do and understand if you need any help PM me! -cnelson.

hytechpro · 18-Feb-2006, 07:02 AM #4

You do not specify which technology you hav used in your site

Squashman · 18-Feb-2006, 01:29 PM #5

Is it an Apache or IIS webserver?

cnelson04 · 18-Feb-2006, 05:11 PM #6

If your server support PHP, then my script will work just fine. -cnelson.

Eriksrocks · 19-Feb-2006, 09:07 AM #7

A .htaccess/.htpasswd combination is even better and more secure than PHP.

.htaccess Authentication Generator
.htpasswd Generator

namenotfound · 12:10 PM

Quote:

Originally Posted by Eriksrocks

A .htaccess/.htpasswd combination is even better and more secure than PHP.

.htaccess Authentication Generator
.htpasswd Generator

Depends on how the PHP is used to password protect

HTTP passwords are easier to crack with "brute force" methods than form passwords using certain "password crack" devices.

If you use PHP to password protect using a form to enter the password, it can be more secure then a .htaccess file that uses the HTTP method of entering the password.

In other words, this:

Is easier to crack than this:

Squashman · 19-Feb-2006, 12:14 PM #9

Quote:

Originally Posted by namenotfound

Depends on how the PHP is used to password protect

HTTP passwords are easier to crack with "brute force" methods than form passwords using certain "password crack" devices.

If you use PHP to password protect using a form to enter the password, it can be more secure then a .htaccess file that uses the HTTP method of entering the password.

I disagree. I did some security testing for a new mail server for one of my clients and it was all web based. It was just as susceptible to brute force and it was using a Form for Username and password.

namenotfound · 19-Feb-2006, 12:16 PM **#10**

Ok, then I'm wrong.

It's just, I know a few "crackers" than spent years cracking into pornographic websites

They'd always complain about how hard it was to crack form-based passwords

But always seemed to be able to get into the other kind

jiml8 · 19-Feb-2006, 04:18 PM **#11**

With a form-based password you have the option in the form to put in a counter or timer, thereby slowing down a cracker and locking them out after a handful ot tries for a period of time. With .htaccess/.htpasswd you are at the mercy of the server configuration (which often you do not control) to slow or limit the bad guys. For that reason, and no other, I would have to go with form based being more secure.

Search
Search in:
Show Threads Show Posts
Advanced Search

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)