Why not use session management so people have to log in to use the service? Its easy to build yourself, or even easier if you want to download a module to do it for you.

whatever you do, use perl -wT, and *dont* put any JS in webpages to encrypt anything. All passwords should be stored server-side with some kind of one way hash (md5, sha-1 (i prefer hashing over encrypting as you dont need to leave a key lying about somewhere). The incoming password is then, captured, untainted, encrypted and compared to the one that is stored.

If possible, put the backend storage machine on a private network so it is harder to get to, (but that may be over kill in your situation.)

As a rule untaint *everything* that is coming from outside your script (which is what -T actually enforces)

By far the easiest method of doing this is have one script that accepts a password, and conditionally on the password being correct, it will pump out the right information.
The downside is it is *so* unscalable, and you need to re-enter the password each time you want to review the information

Just the disjointed ravings of a crazed lunatic.