diff --git a/forms/Form.php b/forms/Form.php
index 005e1c4e9..c0fdeb54f 100644
--- a/forms/Form.php
+++ b/forms/Form.php
@@ -35,6 +35,11 @@ class Form extends ViewableData {
 	 */
 	protected $hasDefaultAction = true;
 
+	/**
+	 * Variable set to true once the SecurityID hidden field has been added.
+	 */
+	protected $securityTokenAdded = false;
+
 	/**
 	 * Accessed by Form.ss; modified by formHtmlContent.
 	 * A performance enhancement over the generate-the-form-tag-and-then-remove-it code that was there previously
@@ -176,7 +181,7 @@ class Form extends ViewableData {
 	 * @return FieldSet The form fields
 	 */
 	function Fields() {
-		if($this->securityTokenEnabled()) {
+		if(!$this->securityTokenAdded && $this->securityTokenEnabled()) {
 			if(Session::get('SecurityID')) {
 				$securityID = Session::get('SecurityID');
 			} else {
@@ -184,13 +189,11 @@ class Form extends ViewableData {
 				Session::set('SecurityID', $securityID);
 			}
 			
-			$fieldsClone = clone $this->fields;
-			$fieldsClone->push(new HiddenField('SecurityID', '', $securityID));
-			
-			return $fieldsClone;
-		} else {
-			return $this->fields;
+			$this->fields->push(new HiddenField('SecurityID', '', $securityID));
+			$this->securityTokenAdded = true;
 		}
+		
+		return $this->fields;
 	}
 	
 	/**