Question : web/url security

There's a long story behind this question, but i'll try to make it as simple as possible...  Essentially what I am trying to do is put sensitive files on a webserver for certain people to download (links would be emailed to them) without having them create/remember a username/password.

If i have a file (i.e. PDF file) and I want this to be put on a secure website... is having a random/temporary url path a secure way to do this?

For example if I have a URL such as www.mycompany.com/3kj432df85hjgfi4ufi8gfderii/myfile.pdf

If that path wasn't published anywhere and no direct links were given, are there technologies or crawlers that could find it?  Assuming the link would only be valid for a period of 24 or 48 hours?

Alternatively are there still ways to embed a username/password in the URL itself?  I seem to remember seeing URLs such as http://username:password@somesite.com... is that still done today and cross-browser compatible?

Thanks,

Answer : web/url security

This is essentially what RapidShare does, they just give you a really complex URL that most likely will not be randomly stumbled upon, as long as there are no links linking to it. You would most likely be safe.

If you are worried you could put the file in a password protected .zip/.rar file.

Lastly, this username:[email protected] is generally used for FTP servers, using your ASP.NET server you can set up password protected folders that would present a login screen first before letting the user view the contents of the folder / file.