Continue Forms Later: Validate user before continuing filling out the form.

  • Profile Image
    Asked on December 19, 2019 at 10:35 AM

    Is there a way to create a unique password for each user? Or to somehow otherwise protect a partially completed form from being visible to others? We are using two forms so the long main form, with multiple pages, can be resumed later. But if someone has the form ID and a user’s email address, they could access the user’s partially completed form.

    This is a re-post of a comment on Announcing password-protected forms

  • Profile Image
    Answered on December 19, 2019 at 11:42 AM

    How about adding/asking access code in the first form and pass it to the second form. You can then use the access code to conditional logic so you can show/hide all fields based on the user's response.

    If the access code is correct then show all fields. Otherwise, all fields will be hidden.

    Guide: How-to-Show-or-Hide-Fields-Base-on-User-s-Answer

  • Profile Image
    Answered on December 19, 2019 at 12:50 PM
    Thanks for the quick response. I like this idea. How do I pass a field to the second form without including it in the URL?
  • Profile Image
    Answered on December 19, 2019 at 01:50 PM
    How about using email validation? Is it possible to hide fields until the email is validated with the proper code?
  • Profile Image
    Answered on December 19, 2019 at 04:01 PM

    Unfortunately, it's not possible to pass data from one form to another without using the GET method (though URL). 

    Now, upon testing something related about your second question, it's possible to use the email validator widget which sill send a code to the submitter email address and you can set up show/hide conditions based on this so if the widget is filled and the code entered is correct, you can show content. 

    Here's the link to the widget:

    You may refer to the guide provided by my colleague above to set up the show/hide conditions. 

    Also, I'm opening  a feature request for this, although we cannot provide an ETA, we would keep you updated via this thread. 

  • Profile Image
    Answered on December 19, 2019 at 05:50 PM
    Thanks. As a follow-up question, I would like to know how to show/hide fields based on the Email Validator widget. I tried looking for when the Email Validator field was “filled” to show the fields, but when I passed “email” to the form through a URL after the email had been validated once, it just filled the email field for the email validator widget. It seemed to be saving the validation with the form data. Is there a way to make this renew each time? Also tried the Random Value Generator, but having trouble passing that to the form, so could really use your help!
  • Profile Image
    Answered on December 19, 2019 at 07:22 PM

    How would you like to consider setting up your form like this instead?

    On the Initial form, just use the regular Email Field.

    Then, on the (second) Main Form, pass the value of the Email Field in the Initial Form to a hidden Email Field on the Main Form via URL.

    Add an Email Validator widget on your form and create a condition that if the value in the Email Field and the Email Validator is not the same, the rest of the form is hidden.

    Instruct your respondents that they need to enter the same email address they used in the Initial Form in the Email Validator widget on the Main Form. They still need to complete the verification on the widget to trigger the condition that that checks if the email address they entered matches the email address in the hidden Email Field so the rest of the form will show.

    If they enter a different email address, the rules in the condition will not be met and the rest of the form will remain hidden even if they verify the incorrect email address.

    Please feel free to let us know if you need a demo form for this workaround so we can create one for you. Let us know also if you need any further assistance.

  • Profile Image
    Answered on December 20, 2019 at 08:50 AM
    There is one lingering issue with this idea:
    How do I pass the Email field to the Main Form on a repeat visit (after Email Validator widget has been successfully confirmed), without it populating the email field associated with the Email Validator widget?
    On repeat visits to the Main Form, after the Email Validator widget has been confirmed, a new confirmation is not being required when the email is in the URL.
    For an unsubmitted form, this would expose a user’s personal information to anyone with a link to the form and the user’s email address.
  • Profile Image
    Answered on December 20, 2019 at 09:05 AM

    Please allow us some time to do some tests and to check for any other possible workaround. We will get back to you via this thread.

  • Profile Image
    Answered on December 22, 2019 at 02:56 AM


    Our developers are actually working on a new feature to save form progress. Basically, your users will be asked to login to save or continue a form. In this case, no need to show email or any other information within URL, once logged in, here is what users see: 


    Sounds to be secured enough to achieve what you need. Would you mind to give it a try and let us know how it works for you?


  • Profile Image
    Answered on December 22, 2019 at 11:50 AM
    I’ve been testing this new feature. I have a few comments.
    1. Creating an account doesn’t really do anything. After entering an email and password, I wasn’t asked to verify email or anything. I got a link to the form and was never asked for the password again. I don’t see any point in this step. I was able to cut and paste the link into a different browser and continue.
    2. I would need the ability to white label things so it didn’t look like it was Jotform but instead, my company.
    3. I changed the Advanced settings so the email should come from my email address, but the email continued to come from
    4. The session continues with the browser by following the link to the form again. We would need to do something to clear the cookies if different users are using same iPad.
    This seems to be a way to continue the session with a session ID that is different than email address. It adds some security so that someone would have to have that ID, rather than just someone’s email address. Correct?
  • Profile Image
    Answered on December 22, 2019 at 12:26 PM

    #1. Please note that if your are saving the input data in session or in cookies, the data will be saved and user will continue when the access the session url but it will not authenticate the user each time. 

    #2 & #3. Have your setup SMTP in your account and set it as sender email in your form? Please let us know the form with which you are having this issue with and we will take a look. 

    #4. If the data is being saved in the session, you will be able to access it using the session URL and it does not save anything in the browser. You need to disable the "Continue form later" and use the session feature. Yes you can use ID (unique ID) or randomly generate an ID (Random Value Generator)