Results 1 to 2 of 2

Thread: Hiding passwords from right clicking page

  1. #1
    Join Date
    Aug 2009
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default Hiding passwords from right clicking page

    Hello all,

    I am new to this forum so I apoligize if I am posting in an improper area.

    I have added a page password protect Javascript I found on the web to a page.

    The problem I am having is that if you right click the page on the website you can view source and see the passwords.

    I have enclosed the script if anyone has any suggestions on how to hide them. Not to sure on this one. I see cloaking software but Im not quite sure if theres an easier way to go.

    Thank you for your assistance.



    Code:
    <SCRIPT LANGUAGE="JavaScript">
    
    
    
    <!-- Begin
    function Login(){
    var done=0;
    var username=document.login.username.value;
    username=username.toLowerCase();
    var password=document.login.password.value;
    password=password.toLowerCase();
    if (username=="essex" && password=="lk123") { window.location="Lake_Forest_Rate_Sheet.html"; done=1; }
    if (username=="essex" && password=="org123") { window.location="Orange_Rate_Sheet.html"; done=1; }
    if (username=="essex" && password=="org111") { window.location="Lake_Forest_Rate_Sheet.html"; done=1; }
    if (done==0) { alert("Invalid login!"); }
    }
    // End -->
    </SCRIPT>
    
    
    <p style="text-align: center"><span><center>
    <form name=login>
    <table width=225 border=1 cellpadding=3>
    <tr><td colspan=2><center><font size="+2"><b>Log In</b></font></center></td></tr>
    <tr><td>Username:</td><td><input type=text name=username></td></tr>
    <tr><td>Password:</td><td><input type=text name=password></td></tr>
    <tr><td colspan=2 align=center><input type=button value="Login!" onClick="Login()"></td></tr>
    </table>
    </form>
    </center></span></p>
    Last edited by Snookerman; 08-27-2009 at 05:58 PM.

  2. #2
    Join Date
    Apr 2008
    Location
    So.Cal
    Posts
    3,643
    Thanks
    63
    Thanked 516 Times in 502 Posts
    Blog Entries
    5

    Default

    you could encode the passwords so they can't be copied as easily, and there are "no-right-click" scripts as well. But they can all be circumvented relatively easily. So, the short answer is this:
    don't use javascript for security.
    It is entirely client-side -which makes it useful in many situations- but completely unreliable when it comes to security. If you have a real need for password protection, you need a server-side solution, like PHP.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •