How to limit access to a form with a password or an access key

  • Profile Image
    Asked on December 31, 2015 at 06:37 AM

    Is there a way that I could password a form and restrict its usage.


    IE I need to survey my members, they may need to vote on any given subject, I don't want multiple  submissions from one member, I also dont want them to share a password. I need to restrict the form by any given member to say two submissions and then inform the member that they have reached the max number of submission allowed at the same time restrict usage of the password in the same way.


    cant supply a url as the form has not been constructed yet

  • Profile Image
    Answered on December 31, 2015 at 10:41 AM

    If you were to allow your users only one submission on your form, you could achieve this by using the Form Limits with a Unique Question or a Unique Submission form limits.

    How to Limit Submissions in a Form

    Now, as you are looking to have two or more submissions from each member, and each member will have their own special "password" or "access key", this is a bit more complex and we would not be able to achieve it with Form Limits.

    1. However, we could still achieve this if you provide each member with 2 different access keys which they can use to vote - one access key for each vote. So we first set up Form Limits to use the Access Key field as a Unique Question - any access key will be able to be submitted only once.

    2. You will then need to set up conditional logic in such a way that the form is hidden unless one of the correct "passwords" in entered into the access key field.

    I have set up a small demo form of the above here: (you can clone it into your own account for closer inspection)

    You can use mysecretkey1 and mysecretkey2 as access keys to unlock the form. Once you submit the form with one access key, the form will not be able to be submitted with the same access key. Feel free to submit the above form to see if this is what you wanted to achieve.

    Please let us know if you need further clarifications or if you hit any snags along the way, and we will be happy to help.

  • Profile Image
    Answered on January 22, 2016 at 12:36 PM

    thanks for this , but does this not mean that everybody would have the same password  or would I need to set up a field for each person this would be very time consuming should you have 200 members or more that are being surveyed , Is there not something like a list box that all the codes would be saved under then one of the code could be selected from the list matched  with the a code that was provided to the member prior.


    If I was to create some kind of text field  could this work the same way as a "notification". Email followed by a coma, space,  email , basically using it as a db of reference codes.

  • Profile Image
    Answered on January 22, 2016 at 01:22 PM

    The above method would require having a single field where all your users would be entering their password. However, you would need to add as many conditions as there would be passwords, which means that if there are 200 users each with 2 passwords/access keys, you would need to have 400 EQUALS TO conditions.

    Luckily, we do have means to use a single conditions with a huge list of comma separated passwords. Instead of using multiple "is equal to" conditions such as:

    IF access key field IS EQUAL TO secretkey

    we would use a single "contains" condition:

    IF access key field CONTAINS secretkey1,secretkey2,secretkey3,secretkey4

    Though please keep in mind that there are 2 downsides to using the "contains" rule.

    1) You would not be able to use a comma as an actual character in any of the passwords.

    2) As the rule literally means to contain that word, your users could cheat the system by adding additional characters to the start or the end of their access key. For example, if they were provided with an access key "chicken", they could enter anything such as "123chicken" or "chickencrossedtheroad", and they would pass as valid password on the "contains" conditional rule.

    If you still want to use the contains condition, you can use it as in the following images. old interface:

    New interface:

    In order to ensure that your users can only enter the exact access key that they are provided, it would still be preferable to use 400 conditions with "is equal to" rules, rather than a single condition with the "contain" rule and a list of possible access keys.

    I hope this helps.

  • Profile Image
    Answered on January 26, 2016 at 05:20 AM

    Thanks for your grate explanation, this I feel would be to time consuming. Should I create a pass-worded page on my web site and link it to my form is there a way that I can either hide or hash the form URL address so it cant be copied, basically the only way into the form is via (in this case the pass-worded web page). I dont expect you to comment on the workings of a web site just the question about the form address.


  • Profile Image
    Answered on January 26, 2016 at 12:01 PM

    You are most welcome.

    Yes, creating a password protected page on your website might be a better way to ensure that your users can access the form only the selected number of times. The form address can't be hidden from the user, unless you use the source code version of your form (in which case, the code of the form would be on your password protected page and the form would not be loading from an URL).

    However, as non-technical users do not normally know how to use the Inspect Element feature of the browser to inspect your page and find out the URL of the form, you should be fairly safe even by using the iFrame embed method.

    Let us know if there is anything else we can help you with, and we will be most happy to do so. :)