Perhaps.. but I could use a program like wget to download the page or something like proximitron or archilles to act as a go-between to get source and then go through the source and figure it out. The ideal would be to get the password from a location other than the HTML files.
I agree. However, I did specify that mine was quite insecure, yet simple enough for anyone to use. For the one on my Apache server, I do the JavaScript prompt, but the password equals a complex-ish formula which comes out to a numerical password. That's all due to the fact that I can't figure much out on Apache for the Windows machine, including PHP .