Home / GitHub Page

E2E encryption and passwords


#1

I use the E2EE. I’ve read the documentation, but I’m still not sure where and how the password is stored.

When I first configured the encryption, I had to enter the password on all devices. It has never asked for a password since, so I assume it’s stored somewhere. Where? How?

On a related note, can I somehow set it up so that I am prompted for a password on opening Joplin? (E.g. while I don’t need this at home, I also sync my notes to my work PC, and would like to make it harder to access for anyone else, since the PC technically isn’t mine and could be taken away and given to someone else.)

Thanks for any info.


#2

For E2EE, the password is cached in the SQLite database.

For being prompted for a password on each run, please see this FAQ entry: https://github.com/laurent22/joplin/blob/master/readme/faq.md#could-there-be-a-pin-or-password-to-restrict-access-to-joplin

In general, if you use it on a work computer, a solution would be to use the portable app version from a USB drive that you can take with you.


#3

I’ve found a version you seem to have posted here:
https://portableapps.com/comment/236306#comment-236306
so I’ll give it a try.


#4

The PortableApps version is quite new and not officially released yet, but should be relatively soon.


#5

FWIW, it works well so far and suits me perfectly.

(I did manage to break everything and had to delete the apps and data, restore from backup and re-sync, but that was entirely my fault :sweat_smile:)


#6

@zblesk, there’s now a PortableApps package available there for testing: https://portableapps.com/node/58085


Is there any way to use as a portable app?
#7

Before I download it: how should I upgrade my installation? Can I just do an in-place upgrade, replacing the previous installation?
(I do not want to mess up my sync again, or do a full re-sync.)

Also, a suggestion: on the PortableApps page you seem to make no mention of end-to-end encryption support. Chances are if you are looking for an Evernote replacement, this might also be an interesting option for you, so maybe it’d be worth adding?


#8

If you want to avoid a full sync, you can simply copy your existing profile to the PortableApps Data directory.

  • First, start the PortableApps - that will create a blank profile in the Data directory
  • Now close the PortableApps
  • Copy your existing profile (from .config/joplin-desktop) to the Data folder, overwriting any existing file
  • Start the PortableApps again - you should now see your notes, folders and settings, and syncing will also work as expected

Good suggestion for E2EE, I will add that to the description.


#9

Oh, that would have helped the first time I synced the portable version and messed everything up. :grin:

But yeah, it worked well, thanks. :+1:t2:


#10

No problem. In general the profile is quite portable and can be copied/pasted in any directory or even a different operating system or mobile device. It’s the same profile format everywhere.