Hello,
I have an iWeb site I maintain for my portfolio, part of a requirement for my BEd.
One of the pages contains all kinds of reference letters and my resume. I was informed by a professor that I needed to either password it or take it down because it violated FOIP. Rather than go into this with him, I obliged and put a script on the said page that would require a password to allow the page to open. If the password is incorrect it would redirect back to the home page. Here is the snippet:
<SCRIPT language="JavaScript">
<!--hide
var password;
var pass1="XPASSWORDX";
password=prompt('For privacy reasons, please contact XMYEMAIL@EMAIL.COMX to gain access','');
if (password==pass1)
alert('The password is correct. Click OK to continue.');
else
{
alert('Incorrect password');
window.location="http://www.PBechthold.com/";
}
//-->
</SCRIPT>
Of course, XPASSWORDX would be replaced with the real password and XMYEMAIL@EMAIL.COMX with my email address.
I have used a similar script on other pages too because I wanted some privacy. I understand how meager this is and wouldn't even call it security, but I do like the simplicity of implementation and it provides at least one roadblock to anyone out creeping the site.
Here is the problem:
When I start up safari on my mac or sometimes even just new tabs, I have found I get prompted with the password box as if I was trying to access the webpage in question (Resume.PBechthold.com) even when I am just opening gmail or something.
Question 1: If you visit the site and try to get in but cancel, do you have a similar symptom later on?
Question 2: If you get in to the site then leave, are you getting the prompt later as well?
Question 3: How easy is it to find out the password? I am not posting the password here and would request that you do not either if you find out what it is... But I trust it is very easy.
Thanks for all your help!
I have an iWeb site I maintain for my portfolio, part of a requirement for my BEd.
One of the pages contains all kinds of reference letters and my resume. I was informed by a professor that I needed to either password it or take it down because it violated FOIP. Rather than go into this with him, I obliged and put a script on the said page that would require a password to allow the page to open. If the password is incorrect it would redirect back to the home page. Here is the snippet:
<SCRIPT language="JavaScript">
<!--hide
var password;
var pass1="XPASSWORDX";
password=prompt('For privacy reasons, please contact XMYEMAIL@EMAIL.COMX to gain access','');
if (password==pass1)
alert('The password is correct. Click OK to continue.');
else
{
alert('Incorrect password');
window.location="http://www.PBechthold.com/";
}
//-->
</SCRIPT>
Of course, XPASSWORDX would be replaced with the real password and XMYEMAIL@EMAIL.COMX with my email address.
I have used a similar script on other pages too because I wanted some privacy. I understand how meager this is and wouldn't even call it security, but I do like the simplicity of implementation and it provides at least one roadblock to anyone out creeping the site.
Here is the problem:
When I start up safari on my mac or sometimes even just new tabs, I have found I get prompted with the password box as if I was trying to access the webpage in question (Resume.PBechthold.com) even when I am just opening gmail or something.
Question 1: If you visit the site and try to get in but cancel, do you have a similar symptom later on?
Question 2: If you get in to the site then leave, are you getting the prompt later as well?
Question 3: How easy is it to find out the password? I am not posting the password here and would request that you do not either if you find out what it is... But I trust it is very easy.
Thanks for all your help!
