What is JotForm?
JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.
At JotForm, we want to make sure that you’re getting the online form builder help that you need. Our friendly customer support team is available 24/7.
We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.
I have a question about security.Asked by hclc on August 21, 2015 at 07:13 PM
I have a question about security. If the session ID is an email address, couldn't I use someone else's email and find the data in the fields already entered?
This is a re-post of a comment on How to Save Forms and Continue Later
Technically, yes, but you would need to already know the exact email address of that other participant. Also, if they have completed and submitted their form, the session would end and would no longer be accessible with that email address as a session.
Still, if you wish to make your form sessions more secure/private, you could combine two or more answers to create a session.
I hope this helps. Please let us know if you need further assistance.
One more question about security - I was told once the user submits the form the info in the fields should no longer be there. Yet, when I am using my form and submit, if I go restart the form all the data is still there. Again, I am concerned about security, especially if people are using a shared computer.
(Private)Answered by EltonCris on August 24, 2015 at 09:17 PM
Once the session data is submitted, it will be automatically cleared on the server. So meaning, it will not longer be accessible form anywhere else. Also, when you press the back button on your browser after submitting the form, all the fields should be automatically cleared. If not, you might be using different feature, the only one I could think of is the Auto fill (which is not necessary if you are using session parameter). Take note that Auto fill will save the data on the browser local storage, so whenever you use the same browser to open your form, the data saved on the browser will auto-populate to the form. I would suggest to turn this off if you are using session parameter.
That worked. Thank you!
Glad to hear it! On behalf of my colleagues your are most welcome. If you have any further questions, let us know and we will be happy to help.