Are all my forms encrypted?

  • Profile Image
    Asked on September 27, 2017 at 04:16 PM
  • Profile Image
    Answered on September 27, 2017 at 04:53 PM

    If you're asking about the Form Encryption feature, then the short answer is no, this is not enabled by default. You can enable it by navigating to SETTINGS > FORM SETTINGS > SHOW MORE OPTIONS > then toggle the ENCRYPT FORM DATA option to YES.

    Related guide: How-Can-I-Enable-Form-Encryption 

    It's worth mentioning that your Forms and Submissions are already transmitted securely with a 256 bit high-grade encryption, which means that data is encrypted during the transmission and cannot be interrupted by anyone else. We have an SSL certificate that uses SHA256 with RSA encryption which you can test here if necessary.

    Related article: All-Forms-are-Now-Secured-by-Default

    The Form Encryption feature is an added layer of security on top of what I mentioned above so it's optional. While a secure HTTPS form encrypts data in transfer, an encrypted form encrypts the stored data on top of that. There is no way to decrypt the stored submission data without the correct private key. For ultimate security, we do not store the private keys on our end when you use encrypted forms.

    I strongly recommend you review the Q&A section of the guide I'm linking below before you enable Form Encryption so you have an idea how it works.

    Complete guide: What-Are-Encrypted-Forms-and-How-to-Use-Them