First time user. So far I like the platform, except when it come to any sensitive notes or data.
I would like the option to be able to hide and lock either a note or notebook from being accessed.
I know EN does this but so does Samsung Notes. SN doesn't have a good platform for windows but it does work well on the phone itself. I came to Joplin hoping this platform would have that type of solution. Everything else about this project is amazing! And would love to support it more.
Your notes are only encrypted in transit with E2EE, when they get to your machine, they're fully unecrypted, the stance of the devs is that your OS security will probably be stronger than anything they can put in place and if security is really an issue, using a secure drive would be a good bet (they say all this in the FAQs) but it is an open issue so it's not impossible someone develops something eventually!
With all that being said, there are almost certainly measures you can put in place on your machine or phone that will lock an app without entering a pin (Windows admin tools, Android apps, etc) if you want a halfway house to dissuade nosy people but protecting against hacking isn't needed
I have been using Joplin for several months now and really like it...but.
I know this topic is old, but the requests seem to go back to at least 2018.
For me encryption of selected notebooks on the fly is a big deal. I really like Joplin, I use it a lot, but if I could encrypt individual notebooks I would be able to junk some other tools that I use and consolidate a lot of stuff on Joplin.
It's interesting to see the parallels in the thinking here with the banks. I used to use Monzo (banking), but they have taken a similar view - "you don't need to secure the App, secure the phone". Other banks secure their Apps. I think Monzo is brilliant, but I have stopped using it because I have too many friends who have suffered from poor security, SOme of the stuff I would put on Joplin is equally sensitive.
So, is it so hard? I don't know!
If notes are encrypted in transit, then they must get encrypted/decrypted locally on a per note basis. I am told that sometimes, if there is a lot of processing going on, you may even see the encrypted version. I don't know the journey a note takes and when encryption/decryption occurs, but surely if the mechanics are already in place it then becomes a matter of when they are invoked.
I would suggest that (for selected notebooks) instead of just encrypting/decrypting as part of synchronisation, there be an option that this is done whenever a note is opened or whenever you move away from a note. No changes needed to the synchronisation workflow (it would just mean some notes get doubly encrypted for their journey). Surely most of the neceessary bits are already in place. A simple tag on the note/notebook would advise Joplin that it is encrypted and cause a suitable message to pop up. Once a valid key has been entered encryption/decryption would continue until a timeout, after activity ceases, it would reset and require the key again.