When ShareGate Migrate is updated in May 2026, you will be prompted to upgrade your existing local data to a new encryption system. This is a one-time process for all users.
What changed in May 2026
ShareGate Migrate is moving from direct encryption to an envelope encryption system. In the new system, your data is protected by a data key, which an encryption provider further protects. This separation improves the overall security of your local data and allows you to switch between encryption providers without re-encrypting your data.
The upgrade migrates your existing local data to this new structure.
Complete the upgrade
When prompted, choose how to proceed:
Run now: The upgrade starts immediately in the background. Data is re-encrypted in priority order, so your most-used items become available first.
Schedule for later: Defers the upgrade to a more convenient time. ShareGate Migrate cannot be closed while an upgrade is in progress.
Skip: Permanently deletes the data that was protected by the previous encryption system. New connections, migrations, and other data you create after skipping are not affected. If you need to recover your pre-upgrade data, see If you skipped the upgrade.
Note: While the upgrade is pending or in progress, any data that has not yet been re-encrypted is temporarily inaccessible. You will see locks and warning messages in the affected areas, including in PowerShell commands. You can create new connections, migrations, and other data at any time.
After the upgrade
Once the upgrade is complete, ShareGate Migrate uses DPAPI as the default encryption provider. DPAPI works for most environments, but if you work in a VM or across multiple machines, you can switch to a certificate-based provider. For details, see Manage your encryption provider in ShareGate Migrate.
If you skipped the upgrade
A local backup of your pre-upgrade data is kept on your machine. Contact our support team if you need help restoring it.