Announcing Encrypted Forms 2.0

Announcing Encrypted Forms 2.0

In 2022, the data of over 422 million individuals was impacted by data breaches. 

This unfortunate reality doesn’t sway us. In fact, it’s what drives us to be focused (you might even say obsessive) about providing the highest level of security for your forms and accounts.

Today, we’re proud to introduce the next evolution of form security with Encrypted Forms 2.0.

There are unlimited purposes for forms, and each form contains its own kind of data — but all of it is sensitive and worth protecting. Encrypted Forms 2.0 delivers enhanced protection with

  • More security: End-to-end encryption (E2EE) guards against unauthorized access and ensures data hasn’t been interfered with during transmission.
  • Improved performance: Better performing encryption and decreased decryption times mean faster and more reliable access to your submissions.
  • Better usability: Using a password — instead of a key file — to encrypt submissions is more intuitive; plus there’s a more engaging user interface.

What is form encryption, and why is it important?

Whether you’re a pro with forms or just a newbie, it might be helpful to get an understanding of form encryption and why E2EE is important when it comes to protecting your information.

Put simply, an encrypted form is one where the user’s responses are transferred and stored in an encrypted format. They are encrypted in the web browser of the person filling out the form and can’t be viewed by anyone else at any time (unless they have the encryption key or password).

With end-to-end encryption — the technique we’re now using — data is encrypted on the sender’s device and decrypted on the recipient’s device, so no one has access to the unencrypted data in between.

Generally speaking, encryption helps protect sensitive data such as passwords, personally identifiable information (PII), credit card or banking information, and more.

Jotform had form encryption before, so what's changing
Encryption 1.0: asymmetric encryption, two keys to encrypt and decrypt dataE2EE 2.0: symmetric encryption, simplified by a single password to encrypt and decrypt data
Account based: all forms in your account encrypted with the same keyForm based: each form has its own password, increasing security across all forms
File-based key downloads that need to be stored Passwords

If you’d like to learn more about Encrypted Forms 2.0, join our webinar happening on August 3 at 11 a.m. (PT).

How to use Encrypted Forms 2.0

Ready to get next-level protection for your encrypted forms? Don’t worry; setting this up is simple.

Screenshot depicting the interface for enhancing security of encrypted forms in Jotform

To encrypt your forms, go to the Settings tab in the form builder (note: you can also select Form Encryption from the More dropdown on the My Forms homepage). The third option on the page is Encrypt Form Data. Switch the toggle to “yes.”

First, verify that it’s indeed you who wants to encrypt your form data. This is in the event that your device/browser is open, in a public/crowded space, or for other similar reasons. It’s an extra step to deter others from gaining access to your data.

Screenshot of a user verification process on Jotform

You can verify it’s you by signing into your Google account; using our other login options, such as Microsoft, Facebook, or Apple; or entering your account password.

Screenshot showing multiple authentication options to verify user identity on Jotform

Next you’ll set your encryption password. This is the one and only password you’ll use to access your encrypted data later on, so be aware that if you lose your password, you’ll lose access to the data for that form (we can’t recover it for you). Your password must be a minimum of eight characters.

Click Enable Encryption to finish setting up your encrypted form.

user interface of data security pledge form

When you preview your form, or send it out for submissions, you’ll notice that an Encrypted Form badge appears in the bottom right.

Checking your submissions in Jotform Inbox & Jotform Tables

To check your encrypted form data, either click View Submission in your notification email, or visit Jotform Inbox or Jotform Tables for that form.

screenshot of access encrypted submissions

In both interfaces, you’ll first be greeted with a prompt to Access Your Encrypted Form. This is where you enter your encryption password. Once entered, click the green Access button.

At this point you can view your unencrypted form data.

Screenshot showing an unencrypted form data view in Jotform
Screenshot showing the 'Encrypt Entries' button on the top right corner of the Jotform interface

If you happen to be using your computer in public, or for some other reason would like to encrypt your submission while viewing it in your inbox or table, simply click the Encrypt Entries button on the top right of the screen.

Upon clicking, the interface will show the submission again but in the same format you first encountered.

Youtube Embed Poster: Vrdn0cPr4ZU

What to be aware of when using encrypted forms

Encrypted forms are a smart way to ensure the security of your data. However, you should be aware that some Jotform features are incompatible with form encryption.

Mainly that’s because E2EE encryption occurs on your very own computer/device/kiosk or wherever your forms are filled out. As a result, Jotform doesn’t have access to the decrypted data, which is necessary to carry out the proper functionality for these products/features.

Here’s a list of the features that have limited functionality or are incompatible with Encrypted Forms 2.0:

Screenshot showing a list of features in Jotform that have limited functionality or are incompatible with Encrypted Forms 2
  • Jotform Sign. The automation portion of Jotform Sign (digital certificate, audit log, etc.) can’t be generated with encrypted forms. However, the basic signature element in the form builder is compatible with Encrypted Forms 2.0 as long as Jotform Sign automation isn’t enabled.
  • Third-party integrations. Payment gateways, however, do still work.
  • Save and Continue Later
  • Change Email Recipient condition
  • Jotform Approvals
  • Autoresponder emails. However, notification emails (with standard, non-customizable content) will be sent to form owners.
  • PDF downloads. The data in the PDF Editor can still be viewed and printed.
  • Report Builder and form reports. Excel, Grid Listing, HTML Table, RSS, and Calendar reports are available.

Did you know

A word about HIPAA. Forms that enable HIPAA compliance are automatically encrypted, though the type and method of encryption differs from Encrypted Forms 2.0. If you’re a healthcare organization and interested in learning more, check out our HIPAA features.

If any of the platform features mentioned above are crucial to your workflow needs, don’t fret! There are still ways to ramp up the security of your data without losing the tools you need to get your job done.

Whether you encrypt your forms or not, we’ve included some best practices for better privacy and data security:

  • Use password protection to limit access to your forms.
  • Password managers: Use a password manager like 1password or Bitwarden to securely manage the 100 passwords the average person has these days! 😬
  • In the Publish tab of the form builder, update the Access Settings to Private. This way, only people who are invited can access your form.
  • If you’re on a Jotform Enterprise plan, you can add multiple users to your account to stay in control of your data and/or use single sign-on (SSO) — where users have to be authenticated before they can view your form.
  • Always use strong/complex passwords, and be aware of who has physical access to your devices.
  • You can learn more about how we secure your forms and accounts by checking out the chapter “How to secure your forms” in Jotform for Beginners.

For those who have been using the existing encrypted forms feature, be advised that this new version of encryption will only apply to forms you create moving forward. Any forms using the prior version of encrypted forms (and that received submissions) will continue using the prior version. 

In the past, it was possible to set form encryption as a default for all forms via the Account Security page. For those users who employed this setting (and only those users), your forms will continue using the old version of the feature for existing and new forms, until you uncheck this option.

Encrypted Forms 2.0 and the final word on security

We’re always “banging the drum” about security because we take your trust in us very seriously. It’s why no matter what your needs are, we’re committed to delivering industry leading data security and form encryption.

Encrypted Forms 2.0 is the latest step along our journey, offering you next-level protection through end-to-end encryption and better reliability through faster processing times and a revamped user interface.

Finally, we have an Encrypted Forms 2.0 help guide for more step-by-step instructions and resources. Stay safe out there! 

Chris is a Content Marketer and Creator at Jotform with a wealth of experience in online marketing, content marketing and people management. He's a lover of words who believes writing can be a force for positive outcomes both in business and in life. In addition to writing for Jotform, Chris has contributed to software blogs including Hubspot, AWeber and Atlassian. Chris's work has garnered an international industry award (PMA) and was recognized by PerformanceIN for being a top traffic driver in 2017. Chris is passionate about travel, film, design and great food/wine and he writes about them on his site You can reach Chris through his contact form.

Send Comment:

Jotform Avatar
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.