Encryption that provides protection from local device users accessing my data

Operating system


Joplin version


What issue do you have?

In the Joplin Encryption help, it is written: "The system is designed to defeat any attempts at surveillance or tampering because no third party can decipher the data being communicated or stored." I just read in other posts on the forum that encryption only works on the cloud data. If the app truly keeps others out of the data from a local device point of view, what would be a good test of this? I've encrypted on the desktop app and on my cell, but it doesn't seem to be keeping a third party who might find my cell phone from reading the data. The Joplin app is a great tool, but I'm not sure it's a close match for me.

1 Like

@thompkath welcome to the forum.

It doesn't. End To End Encryption (E2EE) encrypts the data from when it leaves a user's client until it is received by another of the user's clients. So when the note data leaves a client to sync it is protected from interception by both HTTPS (hopefully!) and E2EE. Whilst the data sits on the cloud storage service used for syncing it is still encrypted by E2EE. Basically, when the data is out of the user's direct control it is encrypted.

"communicated or stored" refers to sending the data to a third-party storage service for the purposes of syncing the clients.

That's true but it is only a problem if the phone's owner has chosen to remove the phone's full device encryption and set it to allow access without a PIN or biometric lock.

I believe that you can activate an app lock on the mobile clients but I do not think that there is any encryption (in addition to the devices own security) associated with that.

Phones are encrypted by default these days, so indeed if you enable biometric lock on the app it would be enough for additional security.

That's exactly what it needs. Thanks!

Hey, I setup AppLock Pro just now and it works great. -K

That's exactly what it has got :slight_smile:

We were referring to the biometric app lock built into the Joplin mobile client. Admittedly it is a beta feature so does it not work on your device?

I received an error (image attached). I've not tried biometrics on cell.

Thanks, I'd be interested in why the error I forwarded occurred, but I'm okay with what I've already configured, AppLock for cell and My Lockbox for Windows. No need to spend more time on the issue. -K

Joplin uses your phone's biometric ID system to unlock. It looks like you have not set up biometric ID on your phone, so it can't.

AFAIK this tool is only designed to hide certain folders, not to encrypt them. In order to achieve the same level of security that you have on an encrypted phone, full disk encryption is a prerequisite. Tools like Bitlocker and Veracrypt can do this on Windows.

Yes, understand. Thank you for the application names.