well, i wouldn’t set the password to a variable, because there are programs out there that can sniff those as well as actionscript from an swf. so i would recommend ver 2.
Actually they aren’t variables…they are static strings of text and even if you made a variable inside of an if() statement, it would only be scoped to itself and not the entire main timeline!
Thoriphes states the easiest and smartest way…and if I was you I wouldn’t ever judge him wrong…and I mean ever because he is the Actionscript Guru!
Also… when thinking about a password set up… I like to have the frame AFTER the password detection, loop back to before the password detection. That way it is not as simple as “right click”. . .“forward”.
both methods are putting the password into the users hands via the swf. if security is really a concern, you need to do the verifying server side, passing the passphrase over a secure channel.
but weigh your costs and benefits here, who are you trying to keep out? and is it going to be worth implementing a system that is truly secure?
both methods are equally insecure, but will keep out people who don’t care. if anyone really wants in, and your verifying passphrases in the swf, they’ll get in.
it may be worth moving the verification server side, even if you don’t open a secure channel first. it would add another layer anyways.
cheers.
Creating engaging and entertaining content for designers and developers since 1998.