You must enable data encryption if you are collecting sensitive data such as credit card or social security numbers and storing them in your Formstack database. If you do not do this, you are violating our terms of service and your data is NOT secure.
Tip: For more information on what is and isn't considered sensitive data, check out our Sensitive Data Help Guide!
When you set up your form to save data for later downloading and viewing, you can set a password to encrypt the data when stored in the Formstack database. When you set a password, public and private keys are generated and stored with your form. The public key is used to encrypt the data when saved in the database.
Your password encrypts the private key, which will be used to decrypt the data. Your encryption password is not saved on the server in plain text, so it's not possible for anyone to decrypt the information without knowing your encryption password. It is important to memorize your encryption password. We are not able to retrieve this password for you - that's how secure this feature is!
Enabling Data Encryption
To enable data encryption on your form click on the Settings tab of your form. Then select Security from the menu on the left side.
Then click the "Enable Data Encryption" button to the right of the Encrypt Saved Data field.
A pop-up window will appear. Enter a new password and re-enter the password to confirm it. Click "Enable Data Encryption" to finish the process.
If you do not see the Data Encryption option, your account plan does not give you access to those features.
Disabling Data Encryption
Once Data Encryption has been enabled on a form, it can only be removed or have the password changed if you know the current password. You can accomplish this by going to Settings > Security and clicking 'Delete Password' (or 'Edit Password'). If you cannot remember the current password, encryption can be cleared by following the steps outlined here.
If you're deleting the encryption password, you'll be prompted enter the current password and if changing the password you'll be prompted to enter the current password in addition to entering a new password and confirming it.
- You do not need to enable data encryption if you are not saving collected data in the database.
- File attachments are not encrypted; however, only those with the associated file upload URL can view the files.
- If you are using notification emails and your form has sensitive data in it you must set up the email to either send a link to the database, write a custom message without the sensitive information, or turn on PGP email encryption.
WARNING: It is important that you memorize or store this password in a safe place. If you lose this password, we will not be able to retrieve your data, which will be irrevocably lost.