Finance sends out 80 payslips on the 28th of every month. They go as raw PDF attachments. One day a payslip lands in the wrong inbox — same surname, different person — and suddenly everyone in the office knows what Sarah from marketing earns.
This is the most common payroll incident. It's preventable with a one-step change.
Why payslips deserve encryption
A payslip shows: full name, NI number (UK) or last-four SSN (US), gross and net pay, deductions including pension and any garnishments, address, sometimes bank details. Internally, salaries are political. Externally, they're an identity-theft kit.
A misdirected email is the most common payroll incident reported to ICO and similar regulators. Encryption converts a 'data breach' into a 'failed delivery'.
Workflow for monthly runs
Generate payslips as usual. Run each through Flint's password tool — or batch them via your payroll software if it supports per-employee passwords. A common pattern is the employee's date of birth plus the last four of their NI number, but that's weak; a randomly generated passphrase shared via your HR portal is stronger.
For the master payroll run sent to your accountant, merge into a single PDF, encrypt once with a strong passphrase, and share via a known secure channel.
Avoid the obvious mistakes
Don't use the same password for every employee. Don't put the password in the email signature. Don't reuse last month's password. And don't store the master passphrase in a shared Excel sheet on a public folder.
If your payroll provider doesn't support encryption, route the export through Flint as a one-step add-on. The exported file never leaves your browser.
FAQ
Is date of birth a safe payslip password?
Not really. It's guessable in seconds for anyone who knows the employee. Use it only as a default that you require staff to change.
Can I send the password in the same email?
Don't. If the email goes to the wrong recipient, both the file and the key go together. Use a separate channel — text, payroll portal, line manager.
Does encryption replace a secure payroll portal?
No, it complements it. A portal controls access; encryption protects the file once downloaded. Many regulated employers require both.
What about per-employee passwords?
Best practice. Each payslip locked with a different password means one leak doesn't expose the rest.
Stop sending plaintext payslips. Encrypt the run before it goes out.