I have been asked to create a site with a single password for all users and no member accounts. Obviously the password protect on home page method is not secure as anyone with a URL to a sub page can bypass the password.
My work around is to create 1 single dummy user account that everyone can log into simultaneously (thanks limitless active logins that are usually a problem), and then hide and auto populate the ‘username’ input field on a custom log in page.
Hiding the field can be done with design settings, but auto populating it with the single dummy user name is the challenge.
Any suggestions for some code to perform this task?
Thanks in advance
You can create a normal registered Login-Account with —> Email (adding it a nickname + password) and storing it for example in the Wix-Secrets-Manager.
When a user tries to use the login to log-in to your site, you run a query on backend and compare the entered nickname and pw with the one stored in your Secrets-Manager. This should do the trick (i think). 
Or you take a look here, onto a similar example…
-Navigate to “General-Setup”.
-Change “Active-Registration-Form” to → “SIMPLE” (this will switch the type of REGISTRATION-FUNCTION).
EDIT —> PW: 12345 —> change to SIMPLE → SAVE
-Now you can navigate to the REGISTRATION.
There you will find a similar example, which will create a new LOGIN without any e-mail. An upgraded version will follow soon.
https://russian-dima.wixsite.com/login-system/vnloginmgm
So you can use the shown example and bring it to the next level → using Wix-Secret-Manager.
Thanks for your reply!
I’m not sure I understand though. The user would need to enter a nickname? I’m after a solution where the user only sees the password input and a submit button… the username is automatically applied and invisible.
@alex80332 Yes, your situation is a little bit a different one, but at all needs the same BYPASS-functionality/technique.
So you can take the example and reduce your login to the minimum requirement → JUST to use a PASSWORD for login.
No matter if you want to go the one or the other way, you will need to create a Bypass-Function.
Because in real (in the background), you still will need the email to login (as i know). If there is a better way → you can correct my suggestion.
Hi there,
You can also have a password lightbox on your website, and prompt your users to enter the password the first time they land on your website, it may not be as instantaneous as the actual login, as it is unlike the actual login, it runs after the page has finished loading.
The lightbox will be opened each and every time your visitors navigate to a page, that’s why we need to remember that the user has entered the password once, and not to ask for it again, we can do that using the session storage .
This code needs to run on all pages - the ( masterPage.js ) file.
import wixLocation from 'wix-location';
import wixWindow from 'wix-window';
import { session } from 'wix-storage';
$w.onReady(() => {
if (wixLocation.path[0] !== 'protected-content') {
const cache = session.getItem('auth');
if (typeof cache === 'string') {
const auth = JSON.parse(cache);
if (!auth.authenticated) { propmpt_password() }
} else {
propmpt_password();
}
}
})
function propmpt_password() {
wixWindow.openLightbox('Check Password').then((authenticated) => {
if (authenticated) {
// Save the authentication
session.setItem('auth', JSON.stringify({ authenticated }));
} else {
wixLocation.to('/protected-content');
}
})
}
To learn how to set up the lightbox with password protection, check out my answer on this thread.
Hope this helps~!
Ahmad
Hi Ahmad,
That sounds like a good solution. Will they be logged out again if they close the browser? It would be ideal if they have to log in each time the site is opened, can navigate freely around… and then if they close the window and come back they have to re-enter. Is this the case?
Just realised I’ve already done your lightbox password process on this site. When I was trying to set everything up in the first place I discovered that thread! So I’m most of the way there already.
@alex80332 Yes this is the case, they need to login each time they visit the site, their login session is only valid until the browser tab is closed.
Keep in mind that this approach depends on the session storage to maintain the login state, people who know what they’re doing can copy the session item, and use it again, so it’s highly recommended not to use this method with any secret content, or you can put the content behind the login state, meaning that you only load your content after the authentication is succeeded.
@ahmadnasriya Oh fantastic, this is getting close to what I need it to do. Though I can definitely see the advantage of putting the content behind the log in state. How would I do that?
@alex80332 you can do that by having a page without data, just the design, and only after the authentication, you fetch the data from the backend, and populate your page elements.
@ahmadnasriya I see. Thanks 
