This site is accessible using any internet enabled device but will look best in a modern graphical browser that supports web standards.

Jump To: Content | Navigation

Password Protecting Your Web Page

The following instructions apply to individual accounts on http://www.loyno.edu/ in instructing how to create password protected directories. This requires the ability to execute commands in the UNIX environment. All words in maroon will need to be substituted for your values.

Step One: Telnetting In

Note: Lab Computer users can skip these 6 steps and use the Telnet Loyola Icon located in the Applications folder.

  1. Go to the Start button then Run. Type in: telnet. Press Return.
  2. Under the Connect pull-down, select Remote system.
  3. For the Host Name, type loyno.edu .
  4. For the Port, type telnet (it should be the default).
  5. For the Term Type, type VT100 (it should be the default).
  6. Click Connect.

The following should appear on your screen:

AIX Version 4
(C) Copyrights by IBM and by others 1982,1996.
login:

Step Two: Creating a Password List

Say you want to create a directory called Secrets (or whatever directory name you want to protect) and allow in only those people with the username Loyola and the password Wolfpack.

First, create a file to contain the username and password. Store this file on your server. (For security reasons, you should store it somewhere other than the root directory.) Most HTTP servers, including Apache and Netscape Enterprise Server, let you create this document with the htpasswd command. Type the following line from the Unix prompt:

htpasswd -c /u/username/.htpasswd Loyola

To use this code, replace /username/ statement with your account username. You will be prompted for the password for Loyola (Wolfpack); enter it twice. You can check that the .htpasswd file has been created at that location; it should contain something like:

Loyola:y1ia3tjWkhCK2

Step Three:

Next, create a file in the Secrets directory that sets the permissions. Do this by typing "pico .htaccess" and include the following text:

AuthUserFile /u/username/.htpasswd
AuthGroupFile /dev/null
AuthName ByPassword
AuthType Basic

require user Loyola

Again, replace the /username/ statement with your account username. You can change the value for ByPassword to whatever you want. Enclose more than one word by quotes.

To make sure your password protection works, try accessing a file in the Secrets directory. You should be prompted for a name and password, and the Loyola-Wolfpack combination should get you in.

You can also create multiple usernames and passwords, as well as groups. For more information on how to do this, or to troubleshoot the basic process described above, visit Apache Week or the NCSA site.

See it in action
Username Loyola
Password Wolfpack

Warning! Although Basic Authentication is easy to implement, it is definitely not industrial- strength security. Basic Authentication sends passwords over the Internet as plain text--UUencoded, but not encrypted. A person watching the packets on the network wouldn't be able to tell which one contained the password, but if he or she caught the right one it would be easy to decode.

 

Updated September 22, 2008