When you create a form using Google Forms, the form is public by default meaning it can be filled out by anyone on the Internet as long as they know the web URL of that form. If you are a Google Apps user, you can put the form behind a login screen such that only members of your domain /organization can access and fill out that form but this feature is not available to other users who have regular Google accounts.
Now there can be a scenario where you may want to password-protect your Google Forms and restrict access to certain users who have been provided the password. This feature is obviously not available in Google Forms but we can use a simple workaround that will prevent users from entering data into that form if they do not know the password.
Before we get into the implementation details, let’s go on a test drive. Open this Google Form and you’ll notice that it has a password field. You’ll have to enter the correct password* to see the actual form else it won’t let you move past the first screen.
PS:The form’s password is www.labnol.org (case sensitive, no spaces please)
What we have done here is split the actual form into two pages. The first page of the form has the password input field and only when the user enters the correct password are they taken to the second page that contains the actual form. Here’s a step by step guide:
- Go to the Google Forms editor and add a text field. Call it “Password” and make it a required question as shown in the illustration below.
- Expand the Data Validation section and choose Regular Expression -> Matches from the dropdown.
- In the input field enter the password that you would like the user to enter and enclose this string between ^$. For instance, if you are setting the form password as HelloWorld, enter ^HelloWorld$ in the validation input field.
- Next click the Inert menu and choose Page Break. This is the second page where you can add your regular form fields. Save the form.
We are essentially using regular expressions to validate user input in the Google Form and proceed only if it matches a custom value.
The validation happens in the client’s browser and therefore this approach is more of a workaround and not a bullet-proof solution. Anyone with fair understanding of HTML can figure out the form’s password by either looking at the HTML source of the form or through Chrome Dev Tools.