Form Encryption: Passing encrypted value to another form

  • Profile Image
    veshman
    Asked on January 27, 2017 at 03:40 PM

    This doesn't seem to work for encrypted forms.....

    Is that correct or do I need to do something different?

    Thanks,

    Bhavesh Patel



    This is a re-post of a comment on How to Automatically Pass Form Data to Another Form

  • Profile Image
    Jim_R
    Answered on January 27, 2017 at 05:53 PM

    Hey Bhavesh, the actual feature of passing data from one form to another works even if you have Form Encryption enabled. However, the data being passed is rather useless since it's already encrypted to begin with.

    To better explain what I mean, have a look at this short screencast:

    The idea is that when you enable Form Encryption on your form, the data will never be readable elsewhere except from your Submissions Page and Email Notifications. These too will be encrypted but these are the only sections where you can decrypt the data for viewing.

    Just refer back to our guide about Form Encryption if you want to learn more, specially the FAQ section on that page.

    Complete guide: What-Are-Encrypted-Forms-and-How-to-Use-Them-as-Expert 

  • Profile Image
    veshman
    Answered on January 27, 2017 at 07:04 PM

    Thanks for the response! So that was my experience as well, that the data being passed was encrypted, which essentially makes pre-population useless. But since it's all within JotForm, is there a way for the receiving form to decrypt the data using my key?

    Thanks,

     

    Bhavesh 

  • Profile Image
    BJoanna
    Answered on January 28, 2017 at 05:05 AM

    I am not exactly sure if I understood your last question correctly. Are you asking if encrypted data that are passed to another form can be decrypted with your private/public key? If so, unfortunately that is not possible. 

    Your submitted data can only be decrypted with your key on submission page of your form and inside of email Notification.

    Feel free to contact us if you have any other questions. 

  • Profile Image
    Bhavesh Patel 
    Answered on January 28, 2017 at 09:01 AM

    To be specific, I have two forms and I would like for them to be encrypted, and I would like to be able to pass the name and email from one form to the second form. 

    When I followed the directions, instead of "John" getting passed, the name is getting populated with "dtgydtevfdjsjgkxntnfnf" type text.  

    is there a way that the receiving form can get a readable value?

  • Profile Image
    liyam
    Answered on January 28, 2017 at 09:21 AM

    Hello,

    When you set your form as encrypted, you cannot make use of it to pass information from one form to another. That is one of the security measures of encrypted forms. This prevents transmission or sniffing of information when the form gets submitted. 

    Your only means to transfer information from one form to another is to not make use of the feature.

    If you have other questions, please let us know.

    Thanks.

  • Profile Image
    veshman
    Answered on January 28, 2017 at 04:36 PM

    Understood.

    E.g. I understand that transmission has to be encrypted. I'm not sure why JotForm can't decrypt the data before placing it into the form. But that was basically the question. Can the 2nd form in JotForm decrypt the passed data.

    As a follow up, is there a way to selectively encrypt some fields? Meaning, perhaps everything is encrypted except for the fields I want to pass?

     

     

  • Profile Image
    Jim_R
    Answered on January 28, 2017 at 05:52 PM

    I'm not sure why JotForm can't decrypt the data before placing it into the form. But that was basically the question.

    Hi again Bhavesh - We can't decrypt the data at all. If we can, then that's a security vulnerability on its own and will defeat the entire purpose of encryption. We have an ample amount of reminders and details about this on the guide I mentioned on my first post.

    Can the 2nd form in JotForm decrypt the passed data.

    As another gentle reminder, there's no way to decrypt your data elsewhere except from your Submissions Page and your Email Notifications. That was by design and was intended for security reasons. No one can decrpyt your data except you (on those 2 places alone).

    As a follow up, is there a way to selectively encrypt some fields? Meaning, perhaps everything is encrypted except for the fields I want to pass?

    No, there's no way to selectively encrypt fields. Form Encryption takes effect on the entire form.

  • Profile Image
    veshman
    Answered on January 28, 2017 at 06:06 PM

    Ok, thanks much! And I understand. But I was hopeful to be able to pass a few fields along. It might be a nice upgrade / consideration to support selective encryption so that some parameters can be passed while allowing protection for the rest.

    One clarification, I can still use HTTPS without encryption, correct?

  • Profile Image
    Jim_R
    Answered on January 28, 2017 at 06:10 PM

    Yes, you can still use HTTPS regardless. All forms you create support HTTPS / SSL by default.

    Related article: All-Forms-are-Now-Secure-by-Default-The-SSL-Limits-on-Free-Accounts-are-Lifted

    Enjoy your weekend!