Enabling encryption for a field

You can enable encryption for more than one field in a form. The field can be any data type.

  1. Open the form.
  2. Create a field or click an existing field. Then choose Design - Field Properties.
  3. Click the Advanced tab.
  4. Select "Security options: Enable encryption for this field."

If field encryption is enabled in the Notes® Client, any field delimiters appear in red. If field encryption is enabled in Domino® Designer, the outline of the field appears in red.

Allowing the author to choose the encryption key

If you don't have access to the encryption key or you want authors to choose from the encryption keys they possess, enable encryption for the fields, but do not associate any encryption keys with the form.

Then when users save a document created with the form, they choose whether to encrypt the document when saving it (in the Document Properties box) and choose which encryption key to use.

Examples of encrypting documents

The Salary History form in an Employee Information database has a create access list that allows only members of the Financials group to create Salary History documents. You want to apply security measures so that only four people in the Financials group can see salary information and can edit Salary History documents.

There are several ways to accomplish this goal. You can:

  • Create a secret encryption key, associate it with the data you want to secure, and distribute it to the members of the Financials group.
  • Identify the four members of the Financials group and use each member's public key to encrypt the information.

Using secret key encryption, you create an encryption key called Salary and send it to the four members of the Financials group. You then enable encryption for the CurrentSalary field and associate the Salary encryption key with the form. Then, the four people in the Financials group who have the Salary encryption key can create, read, and edit encrypted salary history documents, including the data in the CurrentSalary field.

Using public key encryption, you specify the names of the four members in the Public Encryption key list associated with the CurrentSalary field. Then the people named in the list can create, read, and edit encrypted Salary History documents, including the data in the CurrentSalary field.

Users who don't have the Salary encryption key and are not in the Public Encryption key list can read everything in the Salary History documents, except the data in the CurrentSalary field, but they can't edit and save existing encrypted documents.