Hi please help. CMS Plan has been purchased, the project has been published, The page has been set for password already, The problem is the page does not re-prompt with the password when it is refreshed (the page can be pushed through & accessible without password via its URL picking it up from any browser, Edge, Chrome, Firefox & Browser History). One (this only) page has been tested out so far, come on guys! (at Webflow I don’t believe this fix has to go through bunch of steps or hesitation) because the page needs to be re-prompted whenever the page is refreshed or picked up from any browser (or browser history)! What’s the point you guys having this kind of feature (Restrict Access for Anyone with the password for the page) to manage who can access this page when it’s published, but when it is published, the page can still be been picked up (in any browser or browser history) WITHOUT being re-prompted for password. So please help!
Hi Hyder, that’s not how Webflow’s password feature works, either for the page/folder passwords, or for Memberships.
It’s super limited, don’t bank on it for security.
Effectively once someone has accessed the page with the password or logged into a membership account, they have access until their access token expires, which seems to be roughly 3 days.
It appears to be designed to deter access by people who are not authorized, but it cannot revoke access once it has been given.
You can so some custom code to kill the cookie on a timer or inactivity timeout, that’s about it. I’ve built a few solutions like that to improve security but it is still in no way “secure.”