So the user clicks on a link that prompts the user for a password. If password is correct, the next page is opened. How would I go about doing that. I know that its <form><input type = "password".....> but how do I make it so that the password field appears if you click on the link. This is what I have so far:
<li><h3>Education</h3></li>
My SJSU Transcript
Also how do I set the password and check to see if the user enters the correct password.
Edit: Unfortunately it all has to be done in html. The password is static.
There is a better solution using only HTML & Javascript though it's not simple. You would need to:
encrypt the contents of the HTML file.
Ask user for password
Use password to decrypt and serve HTML file
Here is an implementation source code & live demo.
Related
description
here is my problem :
I've used to add basic auth in my docker container successfully ,and I open my website page ,and input the basic auth's name and password correctly,so the next time when I open my site ,for a long time I don't need to reinput them again .that's cool ,cause I konw the browser will remember sth for me.
now i removed the basic auth in my Nginx configure file ,and restart the server ,and I want to check if the change effects ,but when I open my site this time ,still no need to input name and password , but I am not sure if it's the configure change effects well or the browser has already remember the authorization for ,so I want to remove or delete the already exist authorization in my browser .
of course I can find other device that has never been sign in before to check ,but I am curious about how the browser remember or store the name and password or authorization that has already been inputed,and if I can delete this things manually .
In any web page,We can see the password in this manner:
Inspect the element using firebug.
Go to textbox (where anyone can type the password) in firebug.
Change the type of input box from password to text.
Now you can see the password.
How to prevent this?
There is no concern of safety there. As it won't save it on the server, and it will only be for him that he can see the password. It should be alright to see you're own password right?
There is no way to do this. If you are concerned about someone seeing the password later by doing this first off note that your users should be smart enough and almost every application uses this. If you are really paranoid you could log the keystrokes showing no password or create your own display of some sort, which would make it a little harder to view such information but any knowledgible attacker could find out the password with full access.
I notice many sites do not allow the browser to autocomplete a password field. I know that the 'input' tag can have an attribute called 'autocomplete' which can be 'on' or 'off'. But is there a better and safer way for a site to request that the user must enter the password manually and preferably not to store it in 'keychain' or equivalent?
I already read this question and this question.
I was planning to make this
I am working on static html(s) with lots of HTML and files like this:
In order to create an "enter the site, write down the given password", I need to create a different .html.
If the user entered the password correctly, they will be redirected to the main site (on this case, they will be redirected to here.html) and if the password is wrong, the user will stay on the same page until they write a correct password.
How to make that function/password page?
I want the user unable to dig out by the source to find out the password.
It will be just simple password.
If you want to keep the password secret, then you cannot give it to the browser (since anything you give to the browser, you give to the user).
This means that you must check the password using server side code.
The closest you could come without using server side code would be to make the password part of the URL. If the wrong password was entered, the user would go to the wrong URL and get a 404 error.
I am trying to create a homepage, which includes hyperlink.
For example, after clicking sth called file1.txt, I should be directed to text file. However, before the file is to be displayed, a box should be popped up asking username and password. Can you tell me how to do it? Thanks.
With plain HTML? You can't.
The simplest way is to use HTTP Basic Auth. The specifics of which depends on the web server software you use. e.g. for Apache: http://httpd.apache.org/docs/2.2/howto/auth.html