When you're collecting sensitive data using online forms, it's critical to keep the data secure. Using SSL/HTTPS is one way to secure the data during transmission on the internet, but it doesn't secure your data when being stored in the database.
This is where encrypted fields come in handy. You can now enable data encryption on your form for the following field types: Single Line Text, Paragraph Text, Name, Phone, Email, Address.
When you enable data encryption, MachForm will generate a Public Key and Private Key pair. The Public Key is saved and will be used to encrypt the data of your field, while the Private Key is delivered to you and is not saved on the server. You're the only person who knows the Private Key.
To read the encrypted data, you'll be prompted to enter your Private Key. If you lose the Private Key, your data will be permanently lost, as there is no way to reset the Private Key.
Enabling Data Encryption
To enable data encryption on your form, edit your form and click the Form Properties tab. Then click the show more options link.
Turn on the Enable Data Encryption option under the Security section.
You'll be prompted to create your encryption keys. Click the Generate Encryption Keys button to generate the keys and proceed.
Your encryption keys will be generated, and the Private Key will be displayed. You need to copy the Private Key and save it in a secure place. There is no option to reset this key, and MachForm doesn't store this key anywhere. The Private Key will only be displayed once.
Now that you have data encryption enabled, you can enable the encryption option on any of your Single Line Text or Paragraph Text fields that you would like to encrypt.
Select the field and then turn on the Encrypt Field Data option under the Field Properties tab.
That's it. Any new data collected by the field will be automatically encrypted. You'll be able to view the data using the Entry Manager and entering your Private Key when viewing an individual entry.
Restrictions & Limitations
The following restrictions and limitations apply to encrypted fields:
- Encryption is supported only on the following field types: Single Line Text, Paragraph Text, Name, Phone, Email Address.
- When you enable encryption on a field that already has existing data, that existing data won't be encrypted. Only new data will be encrypted.
- When you disable encryption on a field, any existing encrypted data won't be decrypted.
- When you disable the global encryption setting of the form, all your encrypted data associated with the form won't be decrypted, and you won't be able to read it anymore, even when you enable it again immediately. Please do this carefully.
- Entry data from encrypted fields are being masked (shown as ******) in notification emails.
- You can only decrypt the data and view it from your MachForm panel, particularly when viewing individual entry.
- When you export the data to an Excel or PDF file, the data will remain encrypted.
- When you send the data using webhook or embed using entries grid widgets, the data will remain encrypted.
- Encrypted fields can't be searched in the Entry Manager.
- It's not recommended to use encrypted fields when the save and resume feature of the form is currently enabled, since the data won't be encrypted until the final submission.
- There is no option to reset your Private Key. Once you have lost it, all your data is irrevocably lost.
- The encryption feature only supported on server running 64-bit system, it won't work with the older 32-bit system. (Note: If you're using Windows server, native 64-bit support only available since PHP 7).
MachForm Cloud Encryption
The encryption referred in this document is an encryption being done at field level, where you can individually select which field to encrypt or not. This is basically an encryption at the application level.
For those using MachForm Cloud, in addition to application-level encryption, we also enforced database-level encryption (AES-256) automatically to all form fields. This means if you're using MachForm Cloud and the encrypted-field feature explained in this article is enabled, then your data is basically being encrypted twice, which adds even stronger security to your data.
Encryption Technical Details
Encryption referred in this article is using asymmetric cryptography, also known as public key cryptography. Specifically, MachForm uses a sealing API: encrypt information with a public key such that only the private key can decrypt it.
Using the modern and secure libsodium library, the sealing API implementation uses the much safer Extended Salsa20 (Xsalsa20) stream cipher with a Poly1305 authentication tag, negotiated with Curve25519 public keys.
Sounds too complicated? You can just ignore this part. The important thing is that your data is now secure and safe :-)