Password Lock - where is it?

How can I prevent family members being able to view my diary whilst they use my computers?

Like many of you guys know, it's unfeasable to never let someone you know jump onto your computer or use your phone for a minute...

But I use Joplin for my diary and I don't want anyone else, including my partner to be able to open it and read it. I'm sure at least some of the developers at Joplin have families who share their devices at some point.. So how do they keep a basic lock on say Windows 10 to have some privacy?

I'm not talking about folk getting in and installing keyloggers here where they could see the pass. I am not up against those kinds of adversaries, more like 'what's that blue icon called Joplin... I'll click on that and see what it is' kind of person.

I have trawled through the settings and I cannot find it. For such an app, I will admit I'm a little bit confused because it seems such a no-brainer (a lot of people share devices!).

Any help?

https://discourse.joplinapp.org/search?q=password%20lock

What?

The first is a link with an answer to the question.

The second is a link to a search for "password lock" for the times this has been asked as the conversation is spread over so many topics.

Thanks but the first answer doesn't bear any relation to anything whatsoever. Not tryingto be cheeky, but are you an AI bot?

Does anyone know how to help? I have searched the forums and can't find any straight answers or solutions. Thanks

ps. The FAQ mentions to use Truecrypt (an encryption program which was abandoned 8 years ago which the devs advised to not use).

You asked a question about password locking Joplin. I linked you to a section of the FAQ called "Could there be a password to restrict access to Joplin?" which has a link to the open github issue about it where there is even more info.

Basically no. You would need to use things built into your OS, or other solutions like app locking software, parental controls etc.
Then there is physically isolating the app, like using JoplinPortable on a USB stick that only you have access to.

There isn't really much to add to a conversation that hasn't already been asked a large number of times in other posts, the same arguments come up but the answer is still the same. There is no way of doing it in the app but PRs will be accepted for anyone who wants to implement a solution. To date nobody has.

If you would like to stop receiving Joplin facts please text STOP to 70712

1 Like

Maybe nobody has coded that because most people can't even code, perhaps..?

Those solutions are pretty poor, really.

But thanks.

Joplin is not as good as I thought it was.

There have been around 500 contributors to the project but maybe there isn't that much of an overlap between people who can code and people who have a "family" PC or a less stringent attitude towards app security - or even knowledge of how to use certain tools already available on their OS.

If you have a look at those topics you can see the arguments for it either way. Essentially somebody would have to code this and the main contributors to the project don't see it as a priority over other things yet will accept a decent enough PR and solution from somebody who wants to solve it.

There are a ton of solutions you could use but they depend on your exact use case: If it is just idle curiosity then you could have a simple batch or shell script that in turn only launches the app if you give it the right password. You could use OS features baked into certain OSs. You could use third party apps like Download DeskLock 1.0 (I have no idea if this app is trustworthy, I just found it from a 30s google search). You can use Joplin portable to put the entire thing on a removable drive. You could just hide the desktop shortcut.

And what people want isn't the same either. Some just want a password to restrict access to people using the device. Some want to encrypt all the info stored in the database to prevent people seeing info if they gain access to the files. In those cases you have three groups already and may feel strongly about the implementation.

I think that is grossly unfair, if you want to use unsafe practices on your computers then you do you but don't blame the project because it doesn't suit your exact needs. You seem unwilling to even consider any alternatives provided of which there are many.
What you see as important and critical others see as either pointless or unnecessary. There is no correct answer either way but you can't expect people to spend time on a feature they don't think is worth implementing.

2 Likes

When it comes to Windows, you really should just create separate accounts for each user. Regardless of the privacy aspect, it's just one of the best practices to keep the system clean, as multiple people having access to the same desktop, sharing program settings, installing possibly overlapping applications, etc. is never a good idea, and especially with Windows, it can easily break the OS too.

With separate accounts, you can even keep all of them logged in at the same time, so that switching between different accounts is instantaneous. Files located inside each user profile aren't accessible to other users as well, so you also have (very basic but probably enough based on your description) privacy protection this way without setting up encryption, etc.

You can try Veracrypt, which is considered as the successor of Truecrypt, with Joplin portable. IMO, the password protection is a good feature, but it is not so urgent and it might take a lot of work to make the proctection safe enough. So I think you should let the pros to do the really challenging work, like Veracrypt.

If you just don't want someone to open Joplin out of curiosity, just remove the shortcut of it from Desktop, Start Menu, ...