Skip to main content
  • Customer Experience
    Customer Experience
  • Employee Experience
    Employee Experience
  • Brand Experience
    Brand Experience
  • Product Experience
    Product Experience
  • Core XM
    Core XM
  • Design XM
    Design XM

Security Survey Options

What's on This Page:

Was this helpful?


This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The feedback you submit here is used only to help improve this page.

That’s great! Thank you for your feedback!

Thank you for your feedback!

Warning: We recommend you take extra care when setting up surveys that involve incentives (e.g., with the Tango Card extension, setting up an anonymous raffle, or setting up your own incentive survey). Using the correct settings and configuration is essential to ensure that the incentives are restricted to your intended respondents. Without appropriate settings, it may be possible for people to take advantage of your survey distributions and claim the incentives. Please carefully review the settings you can use to protect your survey below.

About Survey Security Options

These survey options can increase your survey’s security and protect your survey from unwanted responses.

Security section of survey options

Survey Access

Qtip: These options used to be called “open access” and “by invitation only.”

There are two ways a respondent can enter your survey. The first is to do so anonymously, by clicking an anonymous link. The second is to click an individual link generated just for them (either through emails or personal links).

Survey access options: available to anyone and invitation only

  • Available to anyone: By default, respondents with either the anonymous link or an individual link can take your survey.
  • Invitation only: Only respondents sent a personal link or invited over email (with the default individual link) can access the survey. No one can enter the survey using the anonymous link or the multiple completes link

If an individual tries to access your survey with an anonymous or multiple completes link when the Invitation Only setting is turned on, they will receive a message that says, “This survey can only be taken by invitation.”

This survey can only be taken by invitation

Password Protection

You can set a single, general password that any respondent must enter to access your survey. This is helpful when you are using the anonymous link and want to restrict who can enter the survey.

Enable Password protection and enter your desired password in the field that appears.

Enable password protection, makes a field appear where you can type a password. The password does not get hidden by asterisks

There is no limit to how many times respondents can try to guess the password of a survey.

Qtip: If you want to have a unique password for each survey taker, you might consider using an authenticator in your survey instead.

Add a Referral Website URL

Specify the URL your respondents must come from in order to access your survey. This setting is useful if your survey link is posted on a particular website (such as an internal university or company page) and you want to make sure the link does not get copied and sent to others. Only those who can access that page would be able to take the survey.

When toggled on, can enter a URL to redirect to

Example: A retailer might want to provide a short survey with a password for the next study at the end. Concerned that participants might forward this password and this survey link to friends, they add a referral website URL stating that the participant must click on the link while on a specific page of the website.
Qtip: The URL entered here needs to match the URL of the corresponding website exactly. We recommend copying the URL from your web browser. For example, if we wanted to restrict respondents to a survey accessible on our support site, we would need to use https://www.qualtrics.com/support/. Using just qualtrics.com/support will not work.

Prevent Multiple Submissions

Qtip: This option used to be called “Prevent Ballot Box Stuffing.”

In circumstances where you are offering an incentive or conducting a sensitive vote, you may want to prevent participants from taking a survey more than once. This setting works by placing a cookie on their browser when they submit a response. The next time the respondent clicks on the survey link, Qualtrics will see this cookie and not permit them to take the survey.

“Prevent multiple submissions” is a great deterrent, but can be circumvented by savvy participants clearing their browser cookies, switching to a different web browser, or using a different device. With surveys that have a higher incentive to cheat, consider distributing your survey by email (which creates a unique, one-time use link for each participant) or by using an authenticator.

Toggled on. More actions appear

Some users may see an Action dropdown when they enable this setting. For more details, see the Prevent Multiple Submissions section of the Fraud Detection support page.

Qtip: This setting works regardless of the link type you’re using. We generally don’t advise pairing this multiple completes links unless you’ve chosen “Continue survey and set an embedded data field.”

Bot detection

Look for respondents that could be bots and flag their responses. For more details, see the Bot Detection section of the Fraud Detection support page.

Security Scan Monitor

Qtip: This option used to be called “Email Scan Roadblock.”

Prevent security scanners from accidentally starting a new session on your survey. See the Security Scan Monitor section of the Fraud Detection support page.

RelevantID

Analyze a respondent’s browser, operating system, and location to prevent fraudulent responses.  For more details, see the RelevantID section of the Fraud Detection support page.

Prevent Indexing

Search engines work by creating what is called an index, or a map of all pages on the Internet so they can be searched quickly. By enabling Prevent indexing, you can keep search engines from finding your survey and presenting it in their search results.

Prevent indexing toggle

Require Permission to View Uploaded Files

With this option enabled, files uploaded to responses can only be viewed by users with permission to view responses. This includes files uploaded in response to the file upload, screen capture, and signature question types. In addition, these users will be able to see survey responses within XM Directory touchpoints and view full responses in any public reports shared with them.

If you cannot access the URL from your data export, it is because the survey owner has Require permission to view uploaded files turned on and they have not given you permission to view responses. If you’d like anyone to be able to view the links from the dataset, you will need to turn off Require permission to view uploaded files.

Option described

Qtip: “Require permission to view uploaded files” is selected by default, but may be unchecked for surveys whose file uploads need to be able to be downloaded by anyone. This can be turned on or off at any time.
Qtip: This option used to be called “Secure Participants’ Files.”

Anonymize Responses

Enabling the Anonymize responses setting is an effective way to permanently scrub a response of identifying information before saving it in the data.

Anonymize responses

When responses are gathered with the anonymous link, enabling this setting will remove the respondents’ IP address and location data from your results. When responses are gathered with the individual link, enabling this setting will remove the IP address and location data and disconnect the response from the contact who provided it. In this way, you can know which contacts have responded (through your distribution history and contact history), but not which response belongs to which contact.

Attention: Once you turn on the Anonymize responses option, your respondents’ identifying information is hidden. If this setting was turned on before a response was collected, that response’s identifying information will never be retrievable. If this setting was turned on after a response was collected, the response’s identifying information will be retrievable. Proceed with caution! Note, if you have XM Directory, this information will still be available in the contact’s touchpoint timeline after anonymizing responses. Appending embedded data fields from XM Directory to a survey response may result in the survey response no longer being anonymous.

FAQs