Password Protection / Website Security

Place password protection on any web page. Pages can be secured by either user security level, user security group, or both.

Users can be assigned a security level and security group by the web master only.

User groups are great when you want to offer one user or family access to their own portfolio page, and give other users or families similar access to a different set of pages. This approach has been successfully used by building contractors with separate sections for each building project, and also by schools, to have different sections of their website for different children, where only their families can view their own child's profile.

There is one security level which can be assigned to pages that require a user login, but that the user need only have registered. This is good if you are wanting to gain a quality mailing list.

You can also have one global password for any user on your website. No check is placed against individual members, and the member who logs in using this magic password gets automatic access to any page on your website. We suggest you do not use this approach, but it is often used by merchants offering access to their shopping cart only to people who know the password, but without wanting to manage large membership databases.

Password reminders are automatically provided, so a user need only know their email address, which they normally do.

Passwords are automatically generated and emailed to the user when required, so this uncomplicates the signup process. The user can then login and over-ride this default password with their own if they prefer.

Multiple logins from the same IP address or for the same username will be blocked for 15 minutes. This stops hackers getting access by brute force.

An alternative version of web security is also provided, using HTTP AUTH, however, this version of security does not integrate with the membership databases and is not so visually pleasing. Management of HTTP AUTH password databases is not automatic, and the web master must take extra care managing these lists. Password reminders are not available for HTTP AUTH.

Index Previous Next