Password protection - password created by users

Posted on 1998-11-05
Last Modified: 2013-12-25
I need a password protection program, run on a server that lets users create their own User Name and Password once they arrive on the page.  

After the password is created, then I need a way for the usual UserName/Password box to pop up.  The person enters their user name and password -- and then is given access to the restricted directories of the web site.

In addition, I need a way for the Administrator to easily go into the password lists and add/delete users.  It would be also be great if the Administration area would let the Administrator select the length of time the users' passwords would be valid -- i.e. 1-2-3 months, etc.  

I don't want java to play a part in this solution.  Strictly CGI-BIN scripting.  I don't know anything about CGI -- but would it be possible for the script to work on both UNIX and NT servers?



Question by:Rowby Goren
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4

Author Comment

by:Rowby Goren
ID: 1829452
Edited text of question

Author Comment

by:Rowby Goren
ID: 1829453
Adjusted points to 300

Author Comment

by:Rowby Goren
ID: 1829454
Edited text of question

Accepted Solution

Eck earned 300 total points
ID: 1829455
Hi rowby :]

Heres a solution for Unix/Apache, AFAIK it cant be done easily on NT/IIS from a script (unless a microsoft scripting 'language' like VBScript has special routines for it). but I suppose this would work with NT and win32 Apache *shrug*.

first you need to create a boilerplate access file called '.htaccess' in the directory you want to protect, this is the file that tells the server, that there is special authorisation needed to read that directory.. this should look something like this:

--.htaccess Snip--
AuthType Basic
AuthName ProtectedPages                             #Cosmetic Resource Text.
AuthUserFile /       #the filename of the password file.
require user Admin Admin2                              #Users allowed to log on.


The you would create a boilerplate password file whos filename would be the one you specified on the AuthUserFile line in .htaccess file. i.e:

--passfile Snip--

Admin:5TmextAi8m4u2                    # Username:Encrypted password
Admin2:5TmextAi8m4u2                  # "                                          "


This password file gives 2 users (Admin,Admin2) access with the password 'Password'.

Thats it... All your script has to do is manipulate the 'require user' line of the .htaccess
and write/remove usernames:encrypted passwords from the password file.

That only skims the surface of web authorisation possabiltys with apache, it cant do a lot of funky things.. all is brilliantly explained on

Hope that helps.

Author Comment

by:Rowby Goren
ID: 1829456
Hi, Eck --

Thanks for your response.  Would this system allow a user create their own password once they arrive on the page?  This is a key requirement.  Or I suppose it could automatically give the user a password from a list.

Could you clarify????



Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Batch, VBS, and scripts in general are incredibly useful for repetitive tasks.  Some tasks can take a while to complete and it can be annoying to check back only to discover that your script finished 5 minutes ago.  Some scripts may complete nearly …
In threads here at EE, each comment has a unique Identifier (ID). It is easy to get the full path for an ID via the right-click context menu. However, we often want to post a short link within a thread rather than the full link. This article shows a…
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

731 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question