looking into the source coda via inspect elements, it seems like the passwords are stored in a file on the server
accessed https://www.hackthissite.org/missions/basic/3/password.php and....
solved.