How do I make the password field clear the contents when clicking a submission edit link on a notification email?

  • Profile Image
    iStore
    Asked on July 18, 2011 at 01:36 PM

    The form is password protected (by entering your password and clicking 'next' it takes you to the next page with the actual form detail).

    The use case is: Manager 'A' enters password and clicks to next page and enters some of the form data and submits. An email is sent to Manager 'A' and 'Human Resources' and Manager 'B'. 

    Human Resources clicks the edit link to add more detail. The edit link takes them to the first page with the password field. Here's the problem - The password field is already populated with the password that Manager 'A' entered originally. Human Resources doesn't need to enter their own password, they can simply click 'Next'. 

    This issue makes the form not very password protected.

    Please help. I've attached a screenshot of the page that loads by clicking the edit link in the notification email.

    I'm using Safari Version 5.0.5 (6533.21.1)

  • Profile Image
    NeilVicente
    Answered on July 18, 2011 at 02:24 PM

    Hi,

    I am sorry but I do not think there is any workaround to this. The password field is considered a part of the form submission entry, thus, the value entered into the password field is also loaded when the submission entry is being edited through the edit link.

    There is no way to clear the password field's content, as least none to my knowledge. Perhaps some other member of our support team can give their two cents regarding this.


    Neil

  • Profile Image
    iStore
    Answered on July 18, 2011 at 04:23 PM

    Thanks for your rapid response Neil. I would like to get a more definitive answer from another support person as this seems a bit ridiculous that the password field would retain the password. This seems to negate the value of the password feature as a security measure.

  • Profile Image
    NeilVicente
    Answered on July 19, 2011 at 01:36 AM

    No offense but I do not think that loading the password in an edit link is ridiculous since the edit link is a private page - no one will have access to the edit link unless you give it to them via autoresponders and notification mails.

    I mean, if you're giving a person permission to edit the submission entry, loading up the password in the entry shouldn't be a problem with regards to security, since the password is used for accessing the blank form, no?

  • Profile Image
    iStore
    Answered on July 19, 2011 at 02:46 AM

    Holy CRAP!!! I just had a friendly Jotform user point out that the passwords on your forms shows up in the source code on your page. He looked mine up in the source code and sent me a friendly notice via my own form. The passwords are listed right there. No hacking skills required. What the heck Jotform???? You've got to be kidding me? And you tout government level encryption? First graders could figure this stuff out (I'm embarrassed to say).

    Don't get me wrong, your product is very nice...until now. I feel so violated now...

  • Profile Image
    nlazarre
    Answered on February 27, 2016 at 05:26 PM

    There's been no answer to this question? I'm having the same issue. Is there a way to clear the password once it has been answered. The form is being used by a chain of users and certain hidden fields are password protected.
  • Profile Image
    Boris
    Answered on February 27, 2016 at 07:09 PM

    @nlazarre, as you are responding to an old thread, your question has been moved to a new thread:

    http://www.jotform.com/answers/783049

    We will be supporting you with it there, shortly. Thank you.