Hi everybody. I’m a therapist and I’m considering using a dedicated vault for my work notes. I like the idea of having it based on local files and not going to a cloud service. Is there a way to encrypt a vault in a way that only I can access and read the files? I don’t mind putting a password in everytime I enter said vault.
Obsidian doesn’t have an inherent encryption layer.
If you’re a Mac user and storing files locally, you can encrypt the folder that contains your vault. See “Encrypt folders” from this Tech Radar guide.
To encrypt the data, go to the Finder > Applications > Utilities folder. Choose ‘Disk Utility’. On the top of the menu, select File > New Image > Image from Folder. Choose the folder you wish to add a password to, then click ‘Choose’.
On the next screen, choose your level of encryption (128-bit or 256-bit AES Encryption) and your password. Click ‘Choose’. Next, next to ‘Image Format’, selection ‘Read/Write’. Select ‘Save’ to exit the window.
Once the system finishes encrypting the folder, click ‘Done’. Exit ‘Disk Utility’.
I’ve heard good things about Vault, but I haven’t tried it myself. It looks fairly technical, but very versatile and local. Encrypting your entire hard drive would probably be easier, but Vault gives you more control and more options.
For an easier but cloud-based solution, Keybase has very easy to use encryption. You just install it and drop your files into the Keybase file system, and everything is magically encrypted. It’s like Dropbox but with end-to-end encryption built in, and it makes it easy to control your own keys so you can be sure that no one is snooping on your files. Sadly though, I’m not sure there’s a way to use it without the cloud features.
I would look at tresorit for the level of privacy you’re looking for. I’ve used it in the past and am probably going that direction as a new Obsidian user. It’s not free, but for you it’s a professional issue.
It’s end to end encryption with local control of your keys. The trick with Tresorit is it’s syncing local directories, so it should work great for Obsidian. Looking forward to giving it a try.
By the way, don’t lose those keys and have good backups!
If you are not afraid of a terminal this is a really good solution. Using this approach you can either encrypt your whole vault or specific folders within your vault. And it works very well with cloud-based sync for anyone that is interested in that.
Edit: I would only recommend doing this if you are using cross-platform sync or daily backups. There could be bugs using this encryption setup that could lead to data loss when you are encrypting/decrypting, mounting/unmounting. If this happens it is important to have a recent backup. The nice thing about encryption is that it allows you to use any cloud service for backup without needing to trust the provider to respect your privacy.
Hi. I’m using Veracrypt for my vault, it’s very safe as long as your password isn’t “password”
1- I created a “volume” (a box/virtual hard drive, 4GB) at my User Folder (My Documents folder or other would’ve been ok too)
2- I set a short PIN instead of a password (just my notes, nothing confidential) AND a keyfile (a text, image, music file) in a USB stick.
At the preferences menu checked on “Dismount all when user logs off” I also went to the “favorites” menu and set the volume as a favorite, in that menu I labeled the box as Notes Vault and selected “Use favorite label as…” and “Mount selected volume on log on” you also have the option to have Veracrypt open the volume window when mounted
-3 Created a new Obsidian folder (or moved the one I had, can’t remember) inside the mounted volume
So now when Windows start I get the Veracrypt secure desktop window, I type the PIN, the USB is always plugged on and the “volume” opens! Just open Obsidian and go to town.
A few notes:
-There are more Veracrypt settings that can make your life easy but the ones above are enough for my needs. I would take an hour and learn about Veracrypt, it’s not complicated.
-If security is a concern, Veracrypt has never been cracked, as long as you use a good password. You also have the option to use Keyfiles, put them in a USB stick and take the key with you, there’s also a PIM (not a PIN) number you can add for more security.
-For backups you can copy the whole volume to a portable drive or USB stick and keep that on a safe location or open the volume and copy the Obsidian vault to another Veracrypt volume.