End-to-End Encryption

encryption

End-to-End Encryption

Keep your text data private with encryption. When you turn this on, your entries,

note
, and tasks are encrypted on your device before syncing. Only you can read your data.

What's Protected

lock

Text Data (Encrypted)

Your data is safe
fileCloud

Media Files (Not Encrypted)

Cloud storage
  • βœ“Photos and images
  • βœ“File attachments
  • βœ“Stored directly in your Google Drive/iCloud
  • βœ“Journal it! backend has no access
  • βœ“Uses cloud provider's standard security

How It Works

encryption
1

Create Passphrase

Create a passphrase that only you know

device
2

Local Encryption

Your data gets encrypted on your device before it leaves

fileCloud
3

Secure Sync

Encrypted data syncs to cloud - unreadable to anyone else

Even we can't read your encrypted data. Only your passphrase can decrypt it.

Technical Detail: Journal it! uses two-layer security. Your passphrase encrypts/decrypts an encryption key, which in turn encrypts/decrypts your data. The encryption key never leaves your device.

Setting Up Encryption

Enable End-to-End Encryption

  1. βœ“

    Go to Settings β†’ Security

    Find the security section in your app settings

  2. βœ“

    Tap 'Enable End-to-End Encryption'

    Start setting up encryption

  3. βœ“

    Create a passphrase

    Use a memorable but secure passphrase (12+ characters recommended)

  4. βœ“

    Confirm your passphrase

    Type it again to make sure it's correct

  5. βœ“

    Tap 'Encrypt All'

    Start encrypting your existing data

  6. βœ“

    Write down your passphrase

    Store it in a secure place - you'll need it to access your data

  7. βœ“

    Wait for encryption to complete

    Your existing data will be encrypted (may take a few moments)

Success! Your text data is now end-to-end encrypted. You'll need your passphrase when signing in on new devices.

Critical Information

⚠️Important Warnings

  • β€’
    Limited recovery options: If you forget your passphrase, recovery options are limited. You can set a new passphrase on any device where the app is still working, or enter 'export' when prompted to save local data. Without access to any device with cached data, encrypted data cannot be recovered.
  • β€’
    Write it down: Keep your passphrase somewhere safe. Don't rely only on memory.
  • β€’
    We cannot help: We can't recover your passphrase or decrypt your data - this keeps your data truly private.

Frequently Asked Questions

What happens if I forget my passphrase?

There are limited recovery options: 1) If you have the app working on another device, you can set a new passphrase there. 2) If you don't have another device but have local data, enter 'export' when prompted for the passphrase to be redirected to Settings where you can export your local data to PDF or ZIP. 3) If there's no working device and no local data, unfortunately your encrypted data can't be recovered. Keep your passphrase safe to avoid this.

Can I change my passphrase?

Yes, you can change your passphrase in Settings β†’ Security. When you change your passphrase, only the passphrase that protects your encryption key is updated - your actual data encryption remains unchanged. This is because Journal it! uses a two-layer security model: your passphrase encrypts the encryption key, and that key encrypts your data.

Does encryption affect sync speed?

There's a small performance impact as data needs to be encrypted/decrypted. This is mostly noticeable during the first sync on a new device for accounts with large amounts of data. For day-to-day use, the impact is minimal. The extra security is worth the small speed trade-off.

Why aren't media files encrypted?

Media files (photos, videos, attachments) are NOT end-to-end encrypted. They're stored directly in your Google Drive or iCloud account using their standard security. This gives you better performance, unlimited storage, and direct access to your files. Journal it!'s backend never has access to these files - they go directly between your device and your cloud storage.

Do I need to enter my passphrase often?

You'll need to enter it when signing in on a new device or after signing out. Once entered, your device saves the encryption key securely (not the passphrase itself), so you don't need to enter your passphrase every time you open the app.

What happens to my encryption if I change devices?

Your encrypted data remains secure across all devices. When you sign in on a new device with your passphrase, Journal it! gets your encryption key (which is itself encrypted with your passphrase) and uses it to decrypt your data locally. The actual encryption of your data never changes.

Are exported ZIP files encrypted?

No, exported ZIP files are NOT encrypted. End-to-end encryption protects your data on our backend servers, but when you export data to ZIP or PDF, it's decrypted for local use. Handle exported files with care and store them securely, as they contain your unencrypted journal data.

Best Practices

πŸ’ͺ

Strong Passphrase

Use a passphrase with 12+ characters, mixing words, numbers, and symbols. Consider using a memorable sentence.

πŸ“

Physical Backup

Write your passphrase on paper and keep it somewhere secure like a safe.

encryption

Password Manager

You can also save your passphrase in a trusted password manager as backup.

🚫

Never Share

Don't share your passphrase with anyone, including support. We will never ask for it.

βŒπŸ•ΈοΈ