黑料网

Skip to main content

Password Protecting Content

Sensitive Information Restrictions

Sensitive information, including PHI cannot be added to any School of Medicine website.

Sensitive information, including Protected Health Information (PHI), cannot be stored on any School of Medicine website, even if the content is password-protected. While password protection provides a layer of security, it is not strong enough to safeguard sensitive information. For more details, see the resources at the bottom of this page.

Password Protect a Single Page

There are two methods for password protecting a page: Onyen authentication and unique password protection.

Password Protecting with Onyen Authentication

Onyen authentication grants access to all Onyen users. It cannot be restricted to a specific department or group.

This solution requires the use of the 黑料网 Permissions plugin. You will first need to ensure that this plugin has been activated on your website.

  1. Select Plugins in the Dashboard. Note that only Administrators can see and edit site plugins. If you don’t see Plugins in the dashboard then you are not an administrator and will need to get an administrator to enable the plugin.
    Screenshot of the Dashboard that shows the Plugins option.
  2. Either search for or find the the 黑料网 Permissions Plugin in the list.
    Screenshot of some of the available plugins, including the 黑料网 Permissions Plugin.
  3. Activate the plugin.

Once the plugin has been activated, you can use Onyen authentication to protect a page.

  1. Log in to your website.
  2. Go to the page you wish to password protect.
  3. Edit the page.
  4. In the Onyen Restricted Content box in the right-hand column, select the Require Onyen Authentication option.
    Screenshot of the Onyen Restricted Content options.
  5. Save the changes
  6. Visitors will be required to log in through 黑料网’s Single Sign-On before they can view the page.
    Screenshot of 黑料网's Single Sign-On.

Using a Unique Password

Using a unique password can be helpful for temporary access needs, such as allowing someone to review a page. However, shared passwords are not a secure long-term solution.

Example of when a unique password might be useful

Let’s say you wish to have someone review the content on a new web page before the page is made available on your website. Rather than give the reviewer access to the website (which is what they would need to see a draft page), you could publish the page with password protection. All you would have to do is send the link/url and the password to the reviewer for them to access the page. Because the web page will eventually be available to the public, no significant damage would occur should someone else gain access to the page.

  1. Log in to your website.
  2. Go to the page you wish to password protect.
  3. Edit the page.
  4. In the Publish box located in the right-hand sidebar, click on the Edit link located next to Visibility: Public.Screenshot of where to enable password protection on a page.
  5. Select the Password protected option.
  6. Enter the password you wish to use.
  7. Publish the page

Visitors will be prompted to enter the password before they can view the page. Additionally, WordPress will prepend 鈥淧rotected鈥 before the title of the page.

Screenshot of a password protected page with "Protected:" listed before the page title.

The same password can be used on multiple pages to allow users to log in to all content at once. The first time a visitor enters a password, it will automatically unlock all pages that use that same password.

Media Files Cannot Be Password Protected

Warning: Uploading media files (images, documents, audio, and video) to a password-protected page does not protect the files themselves.

Some users attempt to link to a document from a password-protected page as a workaround. However, this does not secure the document itself.

To properly protect a media file, it will need to be uploaded to an external resource that allows for password protection (such as SharePoint). Once that is set up, you can add a link on your website to the resource.

External Resources

To securely store and share sensitive content, use external services such as Microsoft Teams, SharePoint, or OneDrive, which offer built-in access controls.

Sensitive Information and Policies

What is Sensitive Information?

The University maintains an information classification standard that provides guidance on what is considered sensitive or classified data. Visit the following resources for more information:

Policies, Guidelines and Resources

  1. Privacy Office
  2. – outlines cost and storage options.
  3. – explains information tiers.
  4. 黑料网’s policy on – security policies for data transmission
  5. from the Safe Computing at 黑料网 website.
  6. – support for secure data handling.
  7. School of Medicine’s聽. The site contains a wealth of information including best practices, HIPAA training, and other security related resources.
  8. Need guidance on what is not sensitive information? Reference the from the Safe Computing at 黑料网 website.

If you need additional guidance on handling sensitive data, refer to the Safe Computing website or contact the School of Medicine鈥檚 Information Security and Privacy team.