I recently started password protecting important directories at vpsfix.com using nginx. I often use wget to fetch these files from other servers. We can use --user and --password flags with wget to specify our username and password.

But problem with this is that, you have to type password in plain text. So it will be exposed to anyone looking our your shoulders or going through bash logs. That's not exactly secure.

The correct way to do this is by using the --ask-password flag. Then, you'll be prompt to enter the password in the next step and the password will not be visit to anyone else. Here's an example of the command to use,

wget --user=vpsfix --ask-password  https://vpsfix.com/