Encrypt Decrypt Data in Umbraco Back Office.

In May 2018, the General Data Protection Regulation (GDPR) came into effect.

It has wide-reaching implications for how businesses handle customers information.

In this blog, I will show you how you can protect user data by encrypting the data you hold on your customers.

Encrypting data allows you to store information in a database. If the data is compromised, the attacker will not be able to see the information stored in a readable format.

So, in this example, if a visitor visits your site and completes a form entering their details, you need to ensure its security.

The code below shows how to capture the saving event in Umbraco.

Content_Saving Class code.

private void Content_Saving(IContentService sender, SaveEventArgs e)
            var node = e.SavedEntities.ToList();
            foreach (var items in node.Where(x => x.ContentType.Alias == "example"))
                string firstName = items.GetValue("firstName");
                //string encryptFirstName = EncryptionDecryption.EncryptString(firstName, "SupplyPassPhrase");
                string encryptFirstName = EncryptionDecryption.EncryptWithNoPassPhrase(firstName);
                items.SetValue("firstName", encryptFirstName);
                sender.SaveAndPublishWithStatus(items, 0, false);

Encrypt Submitted data.

We can now encrypt the data submitted before storing it in Umbraco as shown below.

public static string EncryptWithNoPassPhrase(string plainText)
            if (!string.IsNullOrEmpty(plainText))
                byte[] data = Encoding.Unicode.GetBytes(plainText);
                CspParameters cspParameters         = new CspParameters { KeyContainerName = Iv };
                using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(2048, cspParameters))
                    byte[] reBytes = rsa.Encrypt(data, false);
                    return Convert.ToBase64String(reBytes);
            return "No Data Supplied";

Now when we are in the back office we need to decrypt the data so that we can read it as shown below.

Editor Model Event Manager.

EditorModelEventManager.SendingContentModel += (sender, e) =>
                var node = e.Model.Properties.ToList();
                if (e.Model.IsChildOfListView &&&& e.Model.ContentTypeAlias == "example")
                    string firstNameDecrypted   = node.Where(x => x.Alias.ToLower() == "firstname").Select(x => x.Value).First().ToString();
                    var firstName   = e.Model.Properties.FirstOrDefault(x => x.Alias.ToLower() == "firstname");
                    //string decryptFirstName = EncryptionDecryption.DecryptString(firstNameDecrypted,"SupplyPassPhrase");
                    string decryptFirstName = EncryptionDecryption.DecryptWithNoPassPhrase(firstNameDecrypted);
                    if (firstName?.Value != null)
                        firstName.Value = $"{decryptFirstName}";

You can see in the images below, how we can view the decrypted data, but once saved the data is encrypted.

Umbraco Backoffice unencrypted data

Encrypted Data

Encrypted data

In this short post, I have shown how you can encrypt and decrypt data in Umbraco back office and thus helping to protect user data from prying eyes.