How would do you change password?

I use Dropbox for syncing. If I disable and re-enable encryption to set a new password, the file will be temporarily stored on Dropbox unencrypted and leaked. Is there a way around this?

Win10 64bit, Joplin v1.0.179

I don’t believe there is a current way to do what you’re asking without using a third party software or writing your own script for it but I’m almost certain it’s been brought up a few times about implementing MultiFactor Authentication (MFA). That means using a Master Encryption Key and a third party app (like Microsoft Authenticator) to add an extra level of protection to your files.

I imagine that if you re-enable encryption before syncing this shouldn’t be a problem. But might be better to test on some less critical files first.

In my experience it syncs automatically as soon as you decrypt the file, but I’d have to check it again.

It’s not elegant but until a proper solution is developed you could go into your sync settings and change the target to “File System” so it’s not syncing to any remote sever. Then you could decrypt everything, then re-encrypt it with the new password, then change your sync target back to Dropbox and have it re-sync everything.

1 Like

As you say, not very elegant but thanks for the idea. In the meanwhile, I think when decrypting a file that is stored in the cloud, there should be a warning. Giving Dropbox and others access to potentially sensitive data is currently only a click away.

That’s a good idea, one that might even be worth bringing up as a separate issue, I wouldn’t think it would be too hard to implement a simple pop-up when decrypting notes, warning the user that it will expose their data if it’s in a remote server.