Password protection puts a single shared secret between the viewer and the player. Anyone with the link and the password can watch. The password is checked server-side and rate-limited.
Steps
- Open the video from your library at /dashboard.
- Click Access.
- Choose Password and set a password.
- Save. The video now shows a password prompt before playback on both the share page and any embed.
How the prompt works
The viewer types the password into a form. The server validates it. On success, the viewer gets a short-lived signed token tied to their session and the video starts. Wrong passwords are counted; after several wrong attempts in a row, the prompt rate-limits to slow down brute-force guesses.
What is and is not in the URL
The password is never in the URL. It is also never in the embed snippet. Both safely live in plain text on third-party pages.
Resetting the password
Set a new password from the same access panel. Existing tokens become invalid; viewers need to re-enter the new password.
When password is the right choice
- Paid courses where you collect payment elsewhere and gate the video manually.
- Internal training where everyone shares one team password.
- A "preview" link for a client who is not on your VideoPlayer.ai account.
When private is a better fit
If you want each viewer individually identifiable, use private videos and invite specific email addresses. Password protection lets anyone with the password in.