Do report passwords work on Cookie, IP address or time-dependency?

  • Profile Image
    Asked on April 12, 2012 at 10:10 AM


    A client of mine requires a report password protected.

    The password that one can protect a report with only has to be entered once on any particular machine and the report remains accessible without a password being applied every time.

    However, the client requires, from a data protection point of view, a password that must be applied each time the table is accessed .... mmm .... this doesn't seem to be possible unless the client clears the cache every time .... and they are not going to do that are they?

    Can you advise me on how I could implement this and how the current password thing works please ... cookie, ip address, time-dependency

    Many thanks, Regards Mark

  • Profile Image
    Answered on April 12, 2012 at 03:01 PM

    LOL ... excuse me while I compose myself .... ;)

    Congratulations .... that has to be a contender for the worstly answered jotform question I've ever asked - and I've asked stacks ;)

    Your answer answers the question ...

    "Is it possible to password protect reports?"

    My question is entirely different ;) .... anyone else shed any light?

    Regards Marlk

  • Profile Image
    Answered on April 12, 2012 at 03:43 PM


    Sorry for misunderstanding your question. I think the way to ensure that the password is always entered when accessing these reports is by disabling browser  cookies whenever working on machines especially those used by more than one user.

    I have some links yu may find helpful;

    1. How to clear your browser's cookies -

    2. Clear cache guide -

    3. Clearing passwords saved in your browser -

    My other colleagues i am sure will make their comments too on the issue. Sorry the answer given previously is how to set passowrds for reports.

    Thanks for using Jotform.

  • Profile Image
    Answered on April 12, 2012 at 04:39 PM

    Many thanks,

    Am I correct that it is based on cookies then ... not iP address?

    I can't really ask clients to disable cookies ... they'll tell me to "do one" if you catch my drift ;)

    Regards Mark

  • Profile Image
    Answered on April 12, 2012 at 06:13 PM

    Hi Mark,

    To confirm, yes, it is cookie based.

    Indeed we cannot ask clients to do it for us (got that experienced too =) ).
    Perhaps I can offer a suggestion, or a diversion for that matter.

    To my knowledge, http cookies can also be cleared (just the way they were implemented initially).
    If we can divert the clients to pass through a 'cookie clearing' process before they proceed to view the report then, it make them always pass the password entry process since the cookie session/cache is cleared.

    To make this possible, there is a need to find out how the cookie was created (i.e. what is the name of that cookie), so that you can catch and clear it on 'cookie clearing' session. A javascript function on a form(that is if the client have to pass thru a form..) can clear that cookie.

    I hope I have contributed in a helpful way. Please inform us if you require further assistance.