You're quite right, the URL I offered isn't available from the entire Internet. I think that's a good thing. Obviously you disagree.
Have you considered having your users use VPN connections to gain access to the user password panel? That's what I'd recommend.
No VPN does not suit my needs, and I can see how having access would not suit everyones needs. So I agree with you there.
What I'd like is the options as either.
No Access.
Local Access.
or Anywhere Access.
and seperately
Allow secure (https) and Unsecure (http)
or Force Secure (https) only, (ie forward http to https).
By the number of posters commenting about how this can be done and how it can do it now etc etc... it honestly doesnt seem like a Suggestions forum.
So I admit, its not an option which everyone would want or need, But I can see people would want it, just not all of them.