I know what you're after. I own a 3D printer and I could have guessed as much. In my humble opinion, perhaps the easiest/safest approach to remote-controlling your printer is merely remote-controlling a local computer you have there in your network and then controlling the printer from that session. If you have a MacBook you're looking for "Back to my Mac" which is a built-in feature. In this way, you're not punching holes through your firewall and creating places through which hackers can crawl through. I'd consider this #2 on the best-practices list. Apple has done all the work in providing a secure way of remoting in and I'm sure they've paid people to try to hack around their best attempts.
The actual #1 best-practice method which I would have put in place while an I.T. Manager for decades would be something called a VPN (either using hardware or software). So you're in Starbucks on your MacBook let's say, you connect to their wifi, click the VPN feature and suddenly it's as if your laptop is now at home. Jump into your browser and you're easily controlling your printer. Again, VPNs are industry-standard and I know of no way of hacking around their security.
Now, onto "other methods". These generally fall into the realm of port-forwarding of some kind and include those options of using proxies and even client certificates to tighten down who-may-visit. A proxy can help to limit what things the remote person may do. A client certificate restriction limits things to who can do it and is very effective.
For that collection of 3,000 on the list, at least 90% of those didn't even have User Access turned on. I was able to fully-control their 3D printer. And yet, the remaining still presented me with a login page on their remote printer. Remind yourself that OctoPrint is open-source as well as Debian, the underlying operating system upon which it sits. So is the OctoPi-creation process which places files on the system to allow the
pi user to perform some actions without providing a password to become
Now imagine for a moment what someone like myself with four decades of computer experience might know. Or how about someone with some script that they downloaded from some hacker website? I'm not going to teach anyone here how to hack the login page of OctoPrint nor should I need to in order to "save the world" of 3D printing.
Think of login pages as you do the standard lock on someone's front door. It's secure, right? But they're not secure against someone with a bump key and a little time. A door lock will keep out a reasonably-honest person. It's not designed to be secure against someone who doesn't care about rules. Remind yourself that a hacker is someone like this.
My opinion of the login page's ability to secure you against a motivated hacker is perhaps one on a scale of five (the same for home locks). Client certificates is at least a four on that list.