Formstack 101: Form and Account Security
What is an example of a custom notification that does not show sensitive information.?
You can create a custom message by going to the form > Settings > Emails and Redirects > Notification Emails. Then you can click on the email and choose Custom Message from the Content options.
If there are situations where you want to ensure privacy, why aren’t all of these options forced?
Not all Formstack users are collecting sensitive data. Also, most options require creating passwords. We try to ensure that anyone that is adding a field to the form that may contain sensitive data is warned so that the data is properly secured.
When we delete the Stripe integration and you have to renew it, will the open forms have trouble or will it be a smooth transition?
If you immediately remove and readd the integration the form will only not be able to accept payments during the time you are mapping the fields.
We use Authorize.net and we see the credit card information with XXXX. Is this a Formstack standard or if this an Authorize.net standard?
By default, when you map a payment processor all credit cards will be masked in submissions. If you are not using Stripe there is a checkbox for “Save credit card number in database” in the integration that you can turn on. If you turn this option on, you will need to then following the procedures for secure data, aka turning on SSL and data encryption.
Is the data secure if you use Link to Saved Data instead of sending the All Submitted Data option?
Yes, because the data will be secured so when you click the link. Users will not be able to view the data until they enter the encryption password.
Would you suggest using CAPTCHA for public events? Or are there disadvantages.
That is up to you. CAPTCHA is a great option to add to the form if you are getting to many submissions that seem like spam. However, some browsers, like earlier versions of IE don’t work well with CAPTCHA causing it to be hard to read. Some users that are not scammers may have trouble filling out the CAPTCHA.
When you clicked Form Password there was a third option, can you explain what that is?
This is the Single Sign-On method of unlocking the form when there is a password. This is available on our Enterprise Plans and more information about this can be found in our Support site.
Does a user need to be a user to see the link for Link to Saved Data?
No, the only thing the person receiving the email will need is the encryption password to view the submissions.
More information about Stripe changes can be found here