I’m working on a JavaScript web app, and I’d like to implement a temporary password protection mechanism to prevent unauthorized users from accessing the app while I’m developing it. I understand that, since the password will be part of the frontend code, this method won’t be 100% secure. Nonetheless, I’d like to know if there are any best practices for something like this.
Currently, I’m considering generating a random string during build time to serve as the password, and I’d check the build logs for the password of the deployed instance. However, I’m concerned that the minified deployed JS source might still reveal the password, like var p = “some-passWord-123-!@#”. I’m interested in obfuscating the password further by possibly splitting the password string in the code.
Are there any existing guidelines or techniques to achieve this kind of frontend password protection, or should I create a custom solution? Any advice or recommendations are appreciated.