If we choose the have the form data sent to an email address, will this be securely sent?

  • Profile Image
    brian
    Asked on September 02, 2011 at 03:39 AM
  • Profile Image
    mliz
    Answered on September 02, 2011 at 06:26 AM

    Hi Brian,

    The emails notifications are sent in plain text so they are not secure.
    Only use emails to get alerts to know there is a new submission.
    Once you receive an email alert, use https://www.jotform.com secure URL to
    log into JotForm site and look at the submission details securely.

    Hope this helps.


    Regards,
    Mliz

  • Profile Image
    abajan
    Answered on September 02, 2011 at 07:37 AM

    Hi Brian

    Adding to what my colleague stated, to further enhance security (although, to be honest, no method is really 100% hack-proof) share only the secure version of the form.

    Let me elaborate. Each form you create actually has several URLs via which it may be directly accessed. For instance, you can get to the form in the screenshot below (click the image) by going to any of the following addresses:

    https://www.jotform.com/form/12444524423 (this is the one the image links to)
    http://form.jotform.com/12444524423
    http://form.jotform.com/form/12444524423
    http://jotfor.ms/12444524423
    http://jotfor.ms/form/12444524423

    A submission sent via any of those addresses is not secure. By "not secure" I mean that there is the possibility that it may be intercepted and read enroute to its destination. However, just appending the protocol part (the "http") of the first one with an "s" will secure submissions:

    https://www.jotform.com/form/12444524423

    If the form is to be embedded in a webpage, the best way to ensure that submissions are secure is to check Secure Form in the Embed Form Wizard before getting the embed code. It should be noted here that secure forms cannot be embedded in unsecured webpages. In such instances, only links (text or image) to the form can be placed on the page. Also, the sources of all images (the addresses at which they are stored) on the form (like logos, for example) must also be secure. See this thread for information on how to easily do that.

    One thing to bear in mind is that Free accounts are only alloted ten (10) secure submissions per month. Also, submissions are counted on a per account rather than on a per form basis. So, if you had five (5) forms, each having had two (2) secure submissions in a given calendar month, your submission quota for that month would have been reached and no further submissions (whether secure or not) would be allowed for the remainder of the month. Therefore, if you absolutely must have secure submissions, you might consider upgrading to a Premium account which allows 1,000 SSL submissions (unless you expect to only get 10 secure submissions per month).

    For more info on http versus https, watch this short YouTube video.

    If you need further help with this or anything else related to your form(s), be sure to let us know. Our team will be glad to assist you however best we can.

    Thanks & Welcome to JotForm :)


    ~ Wayne

    P.S. Actually, I only just discovered that if you login to the secure version of JotForm (https://jotform.com) there's no need to check Secure Form before using the embed codes.

    Live and learn :)