Homepage    |    GitHub    |    API    |    FAQ

Change Encryption Password

Hi,

I would like to change my encryption Password. Is there a simple/standard way to do it?

Usecase:

  • I am using a webdav server to sync my files.
  • I am using Joplin on 2 computers and a phone.

I figured if i decrypt, all the files would be uploaded to the webdav cloud unencrypted (which is not optimal). And when i re do the encryption with the new password, the files will be uploaded again encrypted, but doesnt that also give conflicts?

Any information on this ?

Not straight forward way, but not impossible either. There may be a better way, or a short-cut within the following procedure, but I would play it safe.

  • backup locally to JEX (this is your complete backup to avoid nightmares)
  • delete the password (or all passwords) under prefs > master keys and click save
  • Jolin will show a red cross behind the password entry
  • backup locally to JEX (this is a 2nd backup without passwords)
  • log into your cloud/sync space with your browser (not Joplin) and delete everything
  • delete everything from other devices (other then your primary desktop device)
  • delete your local profile folder completely (or move it)
  • reinstall Joplin (clean slate) and create just one note, encrypt it with a new masterkey and password, and sync it
  • re-import your other notes from the second backup
  • do not enter the old passwords when prompted
  • select re-encryption and patiently wait for this to end
  • this should apply the new masterkey to all your notes, and the new masterkey is protected with the new password of your choice
  • sync with your cloud

Check this "draft" procedure carefully, and see you understand the concept.
No promises, as it's written off the top of my head, but it worked for me about 6 months ago.If sth goes wrong, think before panicking. Start recovery from the second backup, to which I assume you still know the password. If all fails, start with everything fresh. You do still have the full (first backup). Nothing is lost unless you mess it up. It is fail-safe if you stay cool, it is not otherwise.

Let me know if you were up for it, and if you succeeded. And if you shied away from it all, let me know too. I know you were looking for an easier solution. But you won't do this every months - right ?

1 Like

Would it be a good idea for step 2 to be?:
*) Disable cloud sync on all devices

not needed because you are working from a new instance of Joplin in step 8, and the application will not "know" where to sync (will not have your cloud access set up).

Sorry for the late reply. A bit busy. Thank you for the message.

It is a big "to do" list to change the encryption key. I might want to try it though but not sure when ill be able to. Ill keep you posted on here when i do and with the results

@dakara
All fine with me. You asked, yo got an answer :wink: