Skip to main content
Skip to article
  • Qualtrics Platform
    Qualtrics Platform
  • Customer Journey Optimizer
    Customer Journey Optimizer
  • XM Discover
    XM Discover
  • Qualtrics Social Connect
    Qualtrics Social Connect

Security Survey Options

Was this helpful?


This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The feedback you submit here is used only to help improve this page.

That’s great! Thank you for your feedback!

Thank you for your feedback!

Warning: We recommend you take extra care when setting up surveys that involve incentives (e.g., with the Tango Card extension, setting up an anonymous raffle, or setting up your own incentive survey). Using the correct settings and configuration is essential to ensure that the incentives are restricted to your intended respondents. Without appropriate settings, it may be possible for people to take advantage of your survey distributions and claim the incentives. Please carefully review the settings you can use to protect your survey below.

About Survey Security Options

These survey options can increase your survey’s security and protect your survey from unwanted responses.

Security section of survey options

Survey Access

Qtip: These options used to be called “open access” and “by invitation only.”

There are 2 ways a respondent can enter your survey. The first is to do so anonymously, by clicking an anonymous link. The second is to click an individual link generated just for them (either through emails or personal links).

Survey access options: available to anyone and invitation only

  • Available to anyone: By default, respondents with either the anonymous link or an individual link can take your survey.
  • Invitation only: Only respondents sent a personal link or invited over email (with the default individual link) can access the survey. No one can enter the survey using the anonymous link or the multiple completes link

If an individual tries to access your survey with an anonymous or multiple completes link when the Invitation Only setting is turned on, they will receive a message that says, “This survey can only be taken by invitation.”

This survey can only be taken by invitation

Password Protection

You can set a single, general password that any respondent must enter to access your survey. This is helpful when you are using the anonymous link and want to restrict who can enter the survey.

Enable Password protection and enter your desired password in the field that appears.

Enable password protection, makes a field appear where you can type a password. The password does not get hidden by asterisks

There is no limit to how many times respondents can try to guess the password of a survey.

Qtip: If you want to have a unique password for each survey taker, you might consider using an authenticator in your survey instead.

Add a Referral Website URL

Specify the URL your respondents must come from in order to access your survey. This setting is useful if your survey link is posted on a particular website (such as an internal university or company page) and you want to make sure the link does not get copied and sent to others. Only those who can access that page would be able to take the survey.

When toggled on, can enter a URL to redirect to

Example: A retailer might want to provide a short survey with a password for the next study at the end. Concerned that participants might forward this password and this survey link to friends, they add a referral website URL stating that the participant must click on the link while on a specific page of the website.
Qtip: The URL entered here needs to match the URL of the corresponding website exactly. We recommend copying the URL from your web browser. For example, if we wanted to restrict respondents to a survey accessible on our support site, we would need to use “https://www.qualtrics.com/support/”. Using just “qualtrics.com/support” will not work.
Qtip: Due to recent browser changes, limitations have been made to what information we can get from referrer Headers. In the past if a URL was “https://www.google.com/search?q=search”, we could get the referrer as the whole URL containing every query parameter. Now due to the aforementioned changes, we can only get “https://www.google.com”. This functionality is based on the websites Referrer-Policy, so some sites may get the query parameters and others won’t.

 

Prevent Multiple Submissions

Qtip: This option used to be called “Prevent Ballot Box Stuffing.”

In circumstances where you are offering an incentive or conducting a sensitive vote, you may want to prevent participants from taking a survey more than once. This setting works by placing a cookie on their browser when they submit a response. The next time the respondent clicks on the survey link, Qualtrics will see this cookie and not permit them to take the survey.

“Prevent multiple submissions” is a great deterrent, but can be circumvented by savvy participants clearing their browser cookies, switching to a different web browser, or using a different device. With surveys that have a higher incentive to cheat, consider distributing your survey by email (which creates a unique, 1-time use link for each participant) or by using an authenticator.

Toggled on. More actions appear

Some users may see an Action dropdown when they enable this setting. For more details, see the Prevent Multiple Submissions section of the Fraud Detection support page.

Qtip: This setting works regardless of the link type you’re using. We generally don’t advise pairing this multiple completes links unless you’ve chosen “Continue survey and set an embedded data field.”

Bot detection

Look for respondents that could be bots and flag their responses. For more details, see the Bot Detection section of the Fraud Detection support page.

Security Scan Monitor

Qtip: This option used to be called “Email Scan Roadblock.”

Prevent security scanners from accidentally starting a new session on your survey. See the Security Scan Monitor section of the Fraud Detection support page.

Duplicate Detection

Analyze a respondent’s browser and device to prevent duplicate responses.  For more details, see the Duplicate Detection section of the Fraud Detection support page.

Prevent Indexing

Search engines work by creating what is called an index, or a map of all pages on the Internet so they can be searched quickly. By enabling Prevent indexing, you can keep search engines from finding your survey and presenting it in their search results.

Prevent indexing toggle

Uploaded Files Access

Qtip: Survey collaborators will need the “View Survey Results” collaboration permission to view uploaded files.

Uploaded files access controls whether people can download respondent submitted files. This includes files uploaded in response to the file upload, screen capture, and signature question types. In addition, these users will be able to see survey responses within XM Directory touchpoints and view full responses in any public reports shared with them.

If you cannot access the URL from your data export, it is because the survey owner has Only users with permission to view responses turned on and they have not given you permission to view responses. If you’d like anyone to be able to view the links from the dataset, you will need to turn on Anyone with the link to the file.

The Uploaded File Access option

Qtip: “Only users with permission to view responses” is selected by default, but may be unchecked for surveys whose file uploads need to be able to be downloaded by anyone with a link to the file. This can be turned on or off at any time.
Qtip: This option used to be called “Require permission to view uploaded files.”

Anonymize Responses

Enabling the Anonymize responses setting is an effective way to permanently scrub a response of identifying information before saving it in the data.

Anonymize responses

When responses are gathered with the anonymous link, enabling this setting will remove the respondents’ IP address, location data, and all other default Qualtrics fields from your results. When responses are gathered with the individual link, enabling this setting will remove the IP address and location data and disconnect the response from the contact who provided it. In this way, you can know which contacts have responded (through your distribution history and contact history), but not which response belongs to which contact.

Attention: If responses have been recorded prior to you turning on the Anonymize responses option, those respondents’ information will remain in the platform but will be hidden in certain views. Any responses recorded after turning on the Anonymize responses option will not include the information.

Attention: If you have XM Directory, survey invite information will always be available in the contact’s touchpoint timeline. Turning on anonymize responses will prevent the survey response from showing in the timeline. Appending embedded data fields from XM Directory to a survey response may result in the survey response no longer being anonymous.

Qtip: There is a setting in end of survey elements that works the same way “Anonymize responses” does, called “Do NOT record any personal information and remove panel association (not recommended).” If “Anonymize responses” is disabled in the survey options, but a respondent encounters an end of survey element with this “Do not record” setting enabled, they will still be anonymized.

Attention: When viewing the full response record for an anonymized response that was recorded prior to turning on the Anonymize responses option in a response ticker widget, the respondent’s IP address, latitude, and longitude will be available.

Survey Options in Different Project Types

Survey options are available in many different types of projects. The options described on this page are available in:

There are a few other projects that have access to survey options, but with unique functionality to keep in mind.

 

 

FAQs