This task is to retrieve the password to a login page.
In the source code we find a usleep(20000) which is executed when the checked letter of the input is correct.
To bruteforce the password we write a script which throws an exception if a given timeout is exceeded.
This way we can compute the complete password letter by letter.
With the password Z9A9x we get the flag: