droogben wrote:LoGiCaL__ wrote:Good question and nice pick up. After trying this for myself on my linux box I had the same issue then something clicked. Went back onto my windows box signed out and typed in the same url while logged out and boom. It gave me the same incorrect string password. So I'm guessing because you're not logged in when you access the page it will not give the correct password.
I see, thanks for the explanation. Can you please explain why this happens though? Are there two websites for URL/password.php, and it uses the hackthissite authentication system to determine which website to display?
The devs could probably answer this better than me, so correct me if im wrong. Since it's a .php page it probably checks to see if you're logged in. If your logged in it gives the correct password. If not logged in, it will probably output the incorrect password.