var keepernotes = new Array();
keepernotes[0] = "If someone doesn\'t know the password, it\'s very unlikely they will get to the protected page. But, once you give them the password, they can keep going back to that page whether you like it or not. They will continue to have access until you change the password (page name).";

keepernotes[1] = "A knowledgeable and determined person can get past this version of GateKeeper without too much trouble. That said, most casual web surfers using an ordinary browser, without much knowledge of javascript and who are not too intensely determined, should be stopped effectively.\n\nI\'ve made a few efforts to make things a little difficult for a would be party crasher... but this particular method of javascript password protection has it\'s limitations and there\'s only so much I can do.";

keepernotes[2] = "HTTP Authentication or other server based methods are the good, right and proper way to password protect files on your server. And with SSL it can be even MORE secure. If you can go this route, you\'d be well served.";

keepernotes[3] = "If, when inserting the GateKeeper code into your page, you choose to make the password input box type=\"password\" instead of type=\"text\", some browsers will offer to save the password. Any saving is due to that person\'s browser preferences... not via the script.";

keepernotes[4] = "Some server-based password protection schemes are written to save passwords, some are not. That said, most browsers have the ability to save such passwords and automagically enter and submit them for the user.";

keepernotes[5] = "User has the option to save his username & password, or not to save. With the password saved, if he comes back at a later date, his username & password are automatically filled in and he can click the sign-in button and go right in. In addition, he may freely visit any of the protected pages until you remove his username & password from the list.";

keepernotes[6] = "Basic HTTP Authentication does not require access to the cgi-bin. However, there are password protection methods out there that may or may not make use of HTTP Authentication, and their use MIGHT require acress to the cgi-bin. In other words... it depends.";

keepernotes[7] = "Basic HTTP Authentication does not require PHP. However, there are some PHP scripts out there that may or may not make use of HTTP Authentication, and their use DOES require PHP.";

keepernotes[8] = "Plain vanilla HTTP Authentication does not require the use of cookies. That said, some password protection scripts, that may or may not make use of HTTP Authentication, may utilize cookies and require they be enabled.";

keepernotes[9] = "There are varying levels of security possible using server-based authentication. Basic HTTP Authentication would be a fine start. Utilizing SLL (Secure Sockets Layer) in addition would be even finer.\n\nIf your needs are anything other than casual non-vital password protection, I strongly suggest you investigate various server based authentication methods over any of the GateKeeper scripts.";

keepernotes[10] = "Authorized users cannot go directly to a protected page unless they\'ve opted to have their password saved. Unauthorized users can't get to the protected pages period.";

keepernotes[11] = "The password is the name of the page. This works pretty well if the wannabe intruder doesn\'t know the password. However, once he gets the password, either from you or someone else, he can access that page as often as he wishes... until you change the password (page name).";

keepernotes[12] = "GateKeeper 1 & 2, while simple, actually do provide a certain level of security. GateKeeper 3 on the other hand, is much less secure. A determined and knowledgable person could get past it without too much difficulty.";

keepernotes[13] = "While it\'s true that one password points to only one file, it\'s also true that you could utilize multiple passwords pointing to multiple files.\n\nFor example, password \"jeff\" points to \"jeff.html\" and password \"sam\" points to \"sam.html\", etc. In that respect, there can be multiple usernames.";

keepernotes[14] = "Nearly all paid web hosting packages offer some method of server based password protection. Free hosting packages, on the other hand often have very limited features and the ability to password protect at the server level may not be available to you.\n\nEither way, it would be in your interest to investigate what your particular web host offers so you have a better idea what your options are.";

keepernotes[15] = "Many hosting packages use a web based control panel where setting up password protected directories is a fairly simple thing to do. Some hosting packages don't have this luxury and you'll have to set it up manually. This can be a little confusing at first, but like anything else, after a few times it becomes simple.";





function obfuscated() { alert("\"Obfuscate\"... isn't that a cool word? It means to make something confusing or difficult to figure out."); }