Hi Eddhie,
just out of curiosity: Do the persons only want to display the information or is it for editing as well?
For displaying it might be possible to include more information in the E-Mail or create a "light" version that can be accessed online.
In the latter case I would be interested in how you are planning to handle data integrity or system auditions by external auditors? I suppose this would kill any kind of traceability and authorization concept.
From a technical standpoint you could create an anonymous service that runs with SAP_ALL privileges. That way you will not need any kind of password, which is, from a security perspective, pretty much the same as a password hardcoded in a HTTP URL. Anyhow I would strongly advice you not to do this.
cheers
Carsten