Html password protection,hide source,encrypt html code - the basics [Home]
Image Protection - how to use Image Guardian

FAQ - protect html , scripts, PHP, ASP

FAQ - protect images

General settings

Profiles and advanced settings

Encrypt ASP files

Encrypt PHP files

Protect css files [Style Sheets]

File List Manager and Command line reference

Site Manager

Known issues & Troubleshooting



Ultra - Strong HTML Password Protection

Ultra strong

html password

   protection let's you protect websites with a password in an extremely secure way. You can also protect with password html web pages individually, there is no need to password protect website entirely if you don't want to.
The cipher algorithm used allows files to be protected with a strength corresponding to a 384 bit key(maximum) - this is billions times stronger than the 128 bit encryption used in today's browsers (128 bit encryption is considered secure enough for online credit card payments and almost all other transfers of sensitive information).
HTML Guardian is the only tool to provide such ultra strong html password encryption (although many programs provide pseudo - secure protection based on elementary algorithms).

You can open the ultra strong html password protection window from the Tools menu, from the ToolBar or by pressing CTRL + U.
Note: Ultra strong password protection is fully functional only in HTML Guardian Enterprise edition. In Personal and Professional editions you can use it only for small html files which does not contain links and scripts.
A complete comparison between HTML Guardian Personal, Professional and Enterprise editions you can see here. Advantages and disadvantages of ultra strong protection

There are two main advantages:

  -  Nobody can never ever view the content of the protected file without providing the correct password.
If you use a strong password, it's impossible to crack the protection no matter what method is used to crack it ( linear or differential cryptanalysis, brute force cracking etc - please read the "How secure is this protection" section below).

  -  The person(s) to view the encrypted content don't need any special software, just a javascript enabled browser. Usually to view some encrypted content, you must have the same software used to encrypt it. This is a big problem since most people usually don't know how to work with this sort of programs, where to find them, and in many cases they are expensive, or a subject of export restrictions. To use password on website is as simple as possible.
If you use HTML Guardian's Ultra strong html password protection, everybody can see the protected content in a browser if he/she knows the correct password. You can encrypt some file and send it as an email attachment, or just put it somewhere on the web - nobody can ever view the protected content without the correct password.

  -  The disadvantage of the ultra strong protection is that it increases the size of the protected file more than twice, plus about 16K for the decryption code. However with today's speeds this is not actually a problem, even for the disappearing minority of phone modem users.

  -  Image Guardian can not be used for ultra-strong protected files. You can't protect images in such files.

Ultra strong protection is not intended to protect your source code from theft but to protect a highly sensitive information in an extremely secure way. If you trust somebody enough to give him/her the password to view the protected information, you will not expect them to steal your source code. However almost all HTML Guardian's source code protection options (like disable right click, text selection, printing etc) can be applied to ultra strong protected files - please read the "Editing the template" section below for information about how to do that.

html password, protect website with a password
To encrypt a single file, click "Select File" button. To encrypt multiple files at once drag them from Windows Explorer and drop them into the big textbox in the Ultra-Strong protection window.
Usage is quite simple - you have to configure the following:
Where to store the decryption code - it can be stored either in an external .js file named se.js, or inside the protected file itself. The first method is better if you want to protect multiple files (even with different passwords) - in this case the decryption code needs to be downloaded only once. Second method is better if you want to encrypt a single file, like a file to send as an email attachment.
How to prompt the user for a password - the password can be entered either in a javascript prompt box or in a password field in the html file. The first method is simple and will work for all javascript enabled browsers. The password can be viewed when typed. Second method will only work for IE5 and later , Netscape6 and later and Opera7 and later - it will not work for IE4, Opera 3.x - 6.x and Netscape 4.x. In this case the password can't be viewed when typed, and what your visitors will see before entering the password can be customized (read "Editing the template" section).
Password length must be between 6-48 characters. Acceptable characters are:
a-z A-Z 0-9     ~ ` @ # $ % ^ & * ( ) _ - + | [] { } : ; ? < , . /
Empty spaces can be used as well, but not as a first or last character.
You can also use many special characters like
£ € ¥ © ® ™ Ø æ ‰ † ‡ and about 50 other characters of this sort. They are usually entered by holding the ALT key and typing a 4 number sequence. You can also use non-english letters but you have to be sure the person that will type the password can enter them so it's not recommended. You should NOT use single ' or double " quotes in passwords. Passwords are CaSe SeNsItIvE.
Save behavior - you should configure this only if you selected to encrypt multiple files at once.
If "Backup & Overwrite" option is selected, each file will be overwritten with its encrypted version and a backup will be created. If "\SE subfolder" option is selected, the file will be saved under its original name in a \SE subfolder (it will be automatically created) of the folder where it resides. An example:
Let's say you want to ultra-strong protect the C:\Test\myTest.htm file
If "Backup & Overwrite" option is selected, the encrypted file will be saved as C:\Test\myTest.htm. The original file will be backed up as C:\Test\myTest.htm.bak
If "\SE subfolder" option is selected, the encrypted file will be saved as C:\Test\SE\myTest.htm. The original file will remain unmodified.
Note that if you select "\SE subfolder" option, any external files referenced in the protected file (like images etc.) will not be available in the \SE subfolder when you test the file - you have to copy them there for the file to work as the original.
Note: This option has absolutely no effect when you encrypt a single file selected with the "Select File" button. In this case where to save the encrypted file is determined by you after clicking the "Save" button.
Ask for a password only once - this is a very useful option. You may want to use ultra-strong password encryption for many files, but it will be annoying for the visitors of your site to enter the password when opening each of them. If this option is selected, the users will have to enter the password only once (the first time they try to open any ultra-strong protected file). All ultra-strong protected files they want to see afterwards will not ask for a password but will be decrypted using the password entered for the first file.
You can't use different passwords if this option is used. A file encrypted with a different password will only display garbage characters.
This option will not work for files opened in a new window - for such files users will be prompted for a password always.
This option can't be used in the Personal or Professional editions.
Note: If you use this option, the password will not be stored on the user's hard disk or on any other place. The user has to re - enter the password each time he/she re-visits your site.

Some notes:
- If the decryption code is stored in an external .js file (se.js) , this file should be available in the same folder where the protected file is. If there are protected files in different folders, you should either put se.js in each of those folders, or (better and recommended) to modify the
<script src='se.js'> tag to point to the actual location of se.js (this tag is usually at the very beginning of the protected file).
- You can only encrypt single files. Ultra strong protection can't be used in any of the batch encryption modes. If you specify a password to be used when you encrypt a folder, filelist or a site, the basic password protection will be applied.
- It is possible to use most of the HTML Guardian's source code protection options (like disable right click, text selection, printing etc) in ultra strong html password protected files - please read the "Editing the template" section for information about how to do that.

Go back Next

   © 1997-2023, ProtWare Inc. All rights reserved.