Salesforce Classic Encryption

Notes on the Classic Encryption tool on the Salesforce platform.

What is it?

• Allows you to create a specific custom field that is encrypted, and it’s limited to 175 characters
• Free to use (in Enterprise and above, I believe?)
• Classic Encryption only allows users with View Encrypted Data permission to see encrypted data
  • Important Note: These fields are editable regardless of whether the user has this Encrypted Data permission
    • Use FLS, validation rules, or page layout settings to prevent users from editing encrypted fields
  • Validation Rules and Apex both work regardless of the User having the perm

Misc. Notes

• Classic Encryption uses 128-bit AES
• Classic encryption is limited on the automation capabilities of encrypted fields
  • Basically, you cannot have record-triggered automation based on changes to this field

Additional Reading

• Classic Encryption Overview
• Comparison Chart for Classic Encryption vs. Shield Platform Encryption

Other Related Topics

• Data Security
• Compliance
• Security
• Salesforce Shield Platform Encryption

References

• Shield Platform Encryption for Salesforce
• Salesforce Certification: Sharing and Visibility Architect