What should I do if I lose my Private Key for encryption?

  • KnowsleyDisabilityConcern
    Asked on May 31, 2017 at 2:32 PM

    Hi

    really stupid but I don't know what my private key is or where I may even have stored it if I have one! How can I reset this or remedy the situation?

    Do I need to remove encrypt and start again?

    thanks, please help

    Johanne

  • Support_Management Jotform Support
    Replied on May 31, 2017 at 4:28 PM

    Hello Johanne - The short answer to your question is no, there's no way to decrypt your encrypted submission data now that you don't know or lost your private key.

    Keep in mind that if you lost your Private Key, sadly, there's nothing much we can do. This is something that we mentioned on our guide for Encrypted-Forms-and-How-to-Use-Them 

    (a snippet from that page)

    What happens with submissions if we lose the private key?

    If you have lost the private key, then there is not much that you can do - it means that your encrypted data is lost forever, there is no copy of the same on our servers and it is not possible to crack the one that you had.

    The only recommendation is to turn off encryption right away on each form so that you can start receiving the submissions - which you will be able to see (as the encryption is turned off), while you can leave the encrypted submissions in your Submissions Panel in case you find the key at some later point in time.

    To give you an idea how to decrypt your submission data, both from your Submissions page and from Email, refer to the following clips:

    1. Via Submission page:

    What should I do if I lose my Private Key for encryption? Image 1 Screenshot 30

    2. Via email notification:

    What should I do if I lose my Private Key for encryption? Image 2 Screenshot 41

    Do I need to remove encrypt and start again?

    If there's really no way for you to find the key again, you won't get to decrypt previously encrypted data anymore. So, removing the encryption and generating a new key would be a better way to go rather than continuing with a locked submission without a key.

    To put it in perspective, everytime you encrypt a form, a new key-lock combination is being generated and the only key that can open that lock would be that sole private key that was generated.