Posted 9 months ago #
Check out the site at
There are two password protected pages that seem to work well. However, we had a person say they were able to view these pages without a password. How is this possible, and is there anything we can do to better password protect a page without having a user account?
"resources" and "training modules"
can not view - password protected
did the person previously view the page with a password? maybe still had a cookie stored?
Posted 9 months ago #
Exactly right. The site is only a couple of weeks old... Our network administrator who first heard about it because of a separate issue is the one who got in, and did it infront of the site administrator. He is using the latest safari and OS X server 10.6.8 (if that has anything to do with it).
We did a bunch of browser shots, and they all came back showing the password form.
We, like most ed institutions in our state, are behind a pretty thorny firewall, but our site is on GoDaddy.
Posted 9 months ago #
Are you using a plugin to password protect the pages?
Posted 9 months ago #
No - the built in function... Found when you quick edit a page. What is behind the password is not confidential, but proprietary... So I get that it is less secure than using accounts, we just need to keep out the critters.
Posted 8 months ago #
Is there a way in which a visitor (identified by an email address) can apply for a password to access private pages. If approved we issue a unique password to them.
If people register on your blog, they will be able to access your private pages.
You must log in to post.
