The plugin uses CryptoJS to encrypt text and does not encrypt attachments. Data security depends on the CryptoJS library
No password retrieval function, not anywhere to save the password, password lost without any means to recover
The plugin prohibits modification of encrypted files, but it can be modified without installation of the plugin, including mobile APP;The modified encrypted file cannot be decrypted properly
Use !!!<br>>>> Do not change this file <br> string to determine if it is an encrypted document, so Do not write the same string at the beginning of your normal document, for the same reason that if you change this string in an encrypted file, then the disabling function will be disabled. V_V
English is not my native language, so you'll have to make do with it
I hope you like this
I wonder if a string shorter than !!!<br>>>> Do not change this file <br> could be used because it's difficult to remember that when creating a new file. Why not just something like [[crypted]]?
How does it work by the way? At what point does it encrypt and decrypt the note?
In fact [[crypted]] can also be used, I just randomly chose a string that is unlikely to appear in a normal note, but [[crypted]] is more likely to appear in normal notes.
His principle is to use AES to encrypt and decrypt Markdown's plain text content. You can see this in the source code
By the way, will mobile APP support plugin in the future?
Yes although if you look for [[crypted]] only at the beginning of a note then it's relatively unlikely that it's meant for something else.
By the way, will mobile APP support plugin in the future?
Technically it can be done as the plugin system is meant to be cross-platform but I haven't enabled it for mobile yet (and there would be the config UI to create too) because it doesn't look like there's much demand for it. Users often don't expect to be able to install plugins on mobile apps.
Let's see how it goes - if there's a strong case for adding plugin support for mobile, I might do it. I can see that it would indeed be useful for your plugin.
Why is the repository called joplin-config? The plugin is about encrypting notes. Wouldn't it make more sense to call the repo: joplin-plugin-encrypt-notes
I thought for a second that you had a point. I changed the string used to determine whether or not it was encrypted.
If the mobile app doesn't support plugins, Notes that have been modified by the plugin are hard to read on the phone.
Of course, it depends on whether you want to support it or not
Probably, but why not encrypt the note entirely?I think the purpose of this plugin is to prevent the private Note from being seen by curious passers-by.If I want to encrypt only one paragraph and need a good experience, I may not be able to do that right now,hahaha
you have secrets like credit card PIN or other things you write a node around it and only want to hide the PIN.
Like the password manager in the browser you see address, username and only password is hidden.
There were some discussion during last year's GSoC, I can check if I can make them public, you may have get some input from over there in regard to your work, if you like?
The plug-in encrypts the note with AES, so the length after encryption is not the same as before, but a long, meaningless string.Encrypting only one paragraph is not beautiful or practical.So I still recommend that if there are paragraphs that must be encrypted, put them in a private note.You can then use Joplin's built-in links to reference them in other notes
