Webform Encrypt Default On
Extends the Webform Encrypt module so that encryption is enabled by default on all new webform elements. Eliminates the risk of accidentally creating unencrypted form fields on sites where all submissions should be encrypted.
Webform Encrypt Default On is a small but important companion module to Webform Encrypt. On sites that handle sensitive data — medical, legal, financial, or personal — it is standard practice to encrypt all webform submissions. The Webform Encrypt module provides the encryption capability, but editors must remember to enable encryption explicitly on each new field they add.
This module removes that human error vector by flipping the default: encryption is on for all new webform elements. Editors must actively opt a field out of encryption rather than actively opting in. This is a security posture change — it makes the secure option the path of least resistance.
The module is useful primarily for organisations with compliance requirements where unencrypted form submissions are a policy violation. By changing the default, it provides a defence-in-depth layer against configuration mistakes, particularly on sites where multiple people manage webform content and not all of them may be aware of the encryption requirement.
The module requires both the Webform and Webform Encrypt modules to be installed, and supports Drupal 10 and 11.
Let’s talk
Ready to stop worrying
about your Drupal site?
Start with a free audit — no commitment, no jargon. Our engineers will review your site and send you a plain-English report within 48 hours.
0207 490 2311 · hello@websitesupport.io