We currently mail USB drives to our board members with confidential PDF files on them. We created a php website that allows the members to log in and access the files but quickly realized that one of the members was hiding her referrer info so the htaccess file wouldn't allow her to download the file (not to mention referrers can be faked). So, now we're back to square one trying to figure out a way to securely give the members access to the PDF files. We don't really want to use htaccess to password protect the folder. We've come up with:
1) Password protect the PDF file and just provide a direct link
2) Have them use FTP
Any other options anyone can think of?