FormAssembly’s Security Features
In light of the ongoing Firesheep controversy (a new software that dramatically facilitates a class of attack called ‘session hijacking’), we’d like to take a moment to remind you of the features FormAssembly already has in place to help protect you and your data.
To protect yourself while browsing responses or creating forms in FormAssembly, you can turn on secure browsing. To do this, login to your account then open the “My Account” tab. The panel that loads there, “Preferences,” contains a checkbox next to the option “Keep the connection encrypted while I’m logged in.” Checking this box will cause all your activity within FormAssembly to be sent over a secure, encrypted connection.
This will protect you from the type of session hijacking attacks facilitated by the Firesheep software.
1. “Secure Browsing” is not available to users on the free (Starter) plan.
2. Customers using our Salesforce AppExchange application are protected by default, and cannot disable the ‘secure browsing’ option.
More on Firesheep and session-hijacking: