this is the topic in regard to the above-mentioned topic.
Anything on how to do this, how it shall be done, what features in shell include etc. is discussed here if an existing topic hasn’t been created yet, see idea description below.
Your interest in this idea shall be announced here, otherwise, it gets easily lost as we would need to remember each introduction.
This topic is used to update the specification of the idea as well, even if there is an existing topic, so interested students, watch it!
Anything that shell be discussed privately as e.g. if it involves your proposal will be discussed through a private channel what is currently in discussion.
As of the moment, I’m writing this, the idea’s description of https://joplinapp.org/gsoc2020/ideas.html#6-password-protected-notes is:
We would like to add an option to allow encrypting a note or a notebook with a password. When opening the note, the password must be provided to reveal the content.
Expected Outcome: The user select a note and has the option to encrypt it.
Difficulty Level: Medium
Potential Mentor(s): PackElend, laurent22
may you start as instructed in GSoC Live Blog, first we do familiarization before start talking about your proposal
If the note has been synced between platforms, then the note should also be protected on all the other platforms right?
So then We’d have to find a safe to transfer the notes between different client version. Do we have any encryption as of now in Joplin? I see E2E encryption. I’m quite unclear what that does.
E2E encryption is currently implemented in Joplin, but it’s currently optional. The way it works is that prior to syncing a note, it will encrypt the note and then send it to the sync target. This means that during transmission to a sync client (and storage there) the note is encrypted. But locally a not is stored without protection.
In my view the correct way to implement this GSOC idea would be to add an additional layer of encryption (with a separate password, perhaps unique to each note) that would encrypt a note at rest and by definition on the sync client.
Thank You so much for clearing this up @CalebJohn. I’ll start looking into ideas for implementing this.
i just wanted to know before submitting the proposal should I have to proof that whether i am capable or not.
i am interested for password-protected notes
We do recommend that you fix some small bugs/make some small improvements to Joplin beforehand. This just allows us to more accurately evaluate your ability to contribute to the app.
may that helps you guys as well https://www.vaultproject.io either as integration or as blueprint for password integration
Do we need to have an additional option as to encrypt only a portion of a note/notebook and not the entire note/notebook?
to be honest that would be a very nice feature but not a have to
@PackElend Is this feature to be implemented on both mobile & desktop or we have to choose one?
both as you want to be able to open these notes any device, don’t you?
Considering personal security and availability on mobile Apps, this should be a "must have". A log-in dialogue to access the Joplin App itself would be even better!