How secure is JotForm?

  • Profile Image
    pagins
    Asked on March 24, 2016 at 09:25 AM

     Should I feel confident requesting personally identifiable information via JotForm?

  • Profile Image
    Jan
    Answered on March 24, 2016 at 10:20 AM

    We take security here in JotForm very seriously. All of the submissions are using SSL.

    The forms and submissions are transmitted securely with a 256 bit high-grade encryption. It means that the data is encrypted during the transmission and cannot be interrupted by anyone else. We have a SSL certificate that uses SHA256 /w RSA. (https://www.ssllabs.com/ssltest/analyze.html?d=secure.jotform.com)

    We have bug bounty programs where we pay outside parties for reporting vulnerabilities in our system. Our servers are protected by private networks and constantly updated and patched.

    We are Safe Harbor Certified, please check this blog post for further information. You can also encrypt your forms, please check this page to know more.

    Please check our FAQ: https://www.jotform.com/faq#18

    If you have any specific questions about security, please let us know. We are more than happy to answer them. Thank you.

     

  • Profile Image
    Dave Crout 
    Answered on December 06, 2016 at 12:59 PM

    Hi,

    When a user fills out a textfield or textbox on a form, they could embed malicious script in the text, which could potentially result in a hack to our systems.

    How does Jotform guard against  Cross Site Scripting attacks? Are you OWASP (Open Web Application Security Project) certified ?

    Thank You,

    Dave Crout

     

  • Profile Image
    Jan
    Answered on December 06, 2016 at 01:26 PM

    @Dave Crout

    I created a separate thread for your question, here's the link: https://www.jotform.com/answers/1004940.

    Thank you.

  • Profile Image
    pagins
    Answered on December 06, 2016 at 01:45 PM
    Good question!
    ...