membership page restrictions- can I use my form to generate login credentials?

  • Profile Image
    Asked on March 13, 2014 at 03:12 PM

    We would like to keep certain pages restricted to members only. I know you don't allow JotForm to be used for logins. Would there be a problem, from your point of view, if we generate a username and password from a JotForm? We would then use our CMS to restrict access accordingly.

  • Profile Image
    Answered on March 13, 2014 at 06:25 PM

    Strictly speaking - yes.

    I do not disagree that you intention is reasonable, but that would open a door for hackers and phishers to prey on innocent form users - say - should your form be cloned and purported for the 'same purpose.'

    However, you could create a form that collects - say, name and email address, then the form users are emailed a username and password through some randomized calculation performed by the form- that would not be a violation of our terms of use.

    But like I said - its not encouraged to use Jotform for any login purposes  -

    You would have to notify us to examine the form though - our automated system will flag the form as a security risk.

    Let us know if this helps

  • Profile Image
    Answered on March 13, 2014 at 10:04 PM

    I haven't created the code for our form yet - wanted to see if it was worth the time if JotForm would't allow. It would be very similar to this form already created. The info would be inserted into a MySQL database along with a random generated password. Username and password would be emailed for later use on membership pages.

  • Profile Image
    Answered on March 14, 2014 at 02:30 AM

    Hello milbra,

    As my colleague have already explained, the safest option for you will be to just ask for Name, email address and/or username in your form and then add some custom script to auto generate random password. This password can be sent in an email to the users. 

    We will not suggest you to add password field in your form. We have automated anti-phishing system which scans all forms and mark them with probability of being used for phishing activities. The combination of "Username/password" or "Email address / password" fields in your form will trigger our anti-phishing system immediately.

    Thank you!