User password communicated to site owner by Hubspot
Hello
Using Woocommerce and Hubspot when my users create new account or wants to change password I sometimes receive the password information through Hubspot. This should not happen. Can you please advise what to do?
I have not made any specific change to the Woocommerce fields.
Happens if following fields for example:
.checkout, .woocommerce-checkout or .woocommerce-form, .woocommerce-form-register, .register
Could you please help me on this as I cannot seem to find any answer online?
User password communicated to site owner by Hubspot
Hello @NIngmansson , thank you for your patience, the way that Non-HubSpot forms work is that they will collect any information from any submission where the HubSpot tracking code is on the page and there is an html <form> tag. The html <form> tells us that something is a form and if thesetting to collect non-HubSpot forms is on, the tracking code is on the page and the form is inside a html form tag then we will collect the data. In that sense everything is working as designed.
That being said storing passwords is a violation of terms of service this is something that we do not recommend our customers would want to do.
You have a few options to resolve this.
Remove the tracking code of specific pages that handle passwords so that we never collect the password. The downside here is that you will lose the tracking info.
Work with a developer to take the form out of the html form tag but still have it function as hoped on their end. If there is no html <form> tag we will not collect the submission data.
And most recommended option is to turn off the setting to collect non-HubSpot forms and if you have non-HubSpot forms that you want to collect you can utilize ourforms apito send a submission for the specific forms that they want to track, excluding the ones with password info.
User password communicated to site owner by Hubspot
Hello @NIngmansson, just wanted to ask a few more questions, are you using the external form feature, or you have an integration set up to send these form submissions? Could you please send me a DM with the form URLs that this is happening?
The forms used are Woocommerce forms that are picked up by Hubspot. The passwords should be (and were?) secured by Woocommerce and not transfer into Hubspot. This does not happen everytime and I have not found out what would trigger the appearance of the password in the Hubspot mail subsequent to form entry.
User password communicated to site owner by Hubspot
Hello @NIngmansson , thank you for the information, I indeed received your DM and I am talking with our team more about this matter, will update in this thread once I hear back from them.
User password communicated to site owner by Hubspot
Not for me. We have disconnected the automatic mails so we don't receive the passwords. If ever you get a better answer or a solution I would be thankful if you could share it.