Thanks,
From knowledge ive gathered, all passwords for the portal I plan to clone are all 6 chars long, and are a mix of random numbers and letters. (users are a mix of the persons first and last name so brute forcing isnt an option)
Im sure its possible to put some extra java in there that keeps them on the page if the password entered isnt exactly 6 chars long.
That will hopefully prevent any wrong passwords being entered, or ITs attempting to inspect the portal by entering random info.