Password protect / lock folder / Encryption at rest

icebear · January 13, 2021, 9:08pm

I’ve had a good experience with encrypting specific folders of my vault (or, an entire vault) using Boxcryptor. A pin is requested at startup, and if I fail to provide it that folder doesn’t appear when I open Obsidian as all the .md files are encrypted into gibberish (with a different extension).

kris · March 2, 2021, 11:23am

@icebear Would you mind explaining a bit more your process?
For example, is the pin requested when you open Obsidian or when the computer starts? What is the “different extension”?

icebear · March 3, 2021, 1:48am

I need to launch Boxcryptor and enter the pin before launching Obsidian. Otherwise, Obsidian can’t find the vault at all. You can set up Boxcryptor to launch at start if you like.

Boxcryptor changes all file extensions to a different one (.ch?) while they are are encrypted. If you force them to open with Notepad you’ll just see encrypted gibberish. Once you enter the PIN in Boxcryptor they’ll open as proper .md files.

Edit: given the base functionality (as I use it) is free, I suggest downloading it and trying it out with a test vault, which is what I did at first.

jtmusky · March 3, 2021, 2:50am

Would GPG style encryption work here? Maybe something like how https://www.passwordstore.org works?

Reese · March 3, 2021, 3:14am

There is now a plug-in to encrypt portions of a note within Obsidian. See it here: GitHub - meld-cp/obsidian-encrypt: Hide secrets in your Obsidian.md vault or in the Community Plugins: “Meld Encrypt”

jtmusky · March 3, 2021, 4:48am

This works great for me! Its nice that the decrypt part shows a popup and keeps the data encrypted.

Wxll · March 4, 2021, 1:40pm

@fourteen

What would be the best way to encrypt a vault?

I wrote a little Howto here:

Might give you some inspiration…
And obsidian has a service as well for end-2-end encryption which I personally also consider to use as soon as my vault gets more used.

Wxll · March 4, 2021, 1:43pm

Considering encrypting a single page or part of a page it could be consider an infile encryption like they are using with eYaml, example:

fourteen · March 13, 2021, 12:43pm

obsidian has a service as well for end-2-end encryption

Wait, really? How do I enable this?

ryanjamurphy · March 13, 2021, 6:09pm

It’s the Obsidian Sync service.

See Sync: Pricing - Obsidian

Hydro · March 18, 2021, 9:32am

Does someone work with boxcryptor on android phone ? With markor for example ?

icebear · March 22, 2021, 11:06pm

My impression was Boxcryptor couldn’t do what I needed on Android with Markor. Would be interested to learn otherwise, if you figure it out.

asmageddon · September 3, 2021, 4:21pm

I would love to selectively encrypt files and folders as well in obsidian in order to encrypt some sensitive information (wouldn’t want to have my bank account number, SSN, etc out in the open)

HammyHavoc · October 2, 2021, 5:41pm

Yes, selective encryption would be a brilliant addition.

Diamant · November 9, 2021, 11:39pm

Platform

[ ] iOS
[x] Android

Currently the vault is saved in plane text in the share folder. I understand, that this is nessesary to offer sync with third pary ( maybe even nessesary for your sync), however this gives all apps access to my partly very private notes. Which is unacceptible. At this point i cant use the mobile app with a good feeling.

Possible Fix / Feature:

Save the Vault in the Aplication storage, where it is protectet by android sandboxing. You can then safe an optional “backup” / sync dummy to the shared file system which can be used by external programs. To make this option usefull, this backup file should be encrypted by a user set password. Idealy in a file based manner, so that only changed files will be synct.

For the desktop app you could add the same feature.

rigmarole · November 10, 2021, 12:11am

Hi @Diamant please search the forum before making a new feature request. I’ve merged your request here.

Chita · February 9, 2022, 2:17am

I hope we can easily use password to encrypt any file to protect our private info ; the folder could be a good target to encrypt ;

Add password to folders
Lock and unlock folders
Change password of folders
Remove password of folders

The encrypt file in the disk could be a zip file , that could make it easy to edit without obsidian ,and also easy to implement in different systems.

Chita · February 9, 2022, 2:34am

The interface example could be something like Onenote , that is enough for me .

LondoMollari · October 27, 2023, 11:29am

I’d really like to see in-app encryption at rest that functions across platforms. No wonky workarounds, no OS dependant 3rd party solutions, and no snarky responses. Oi vey, the snarky responses! This isn’t a crazy ask, in and of itself, even if it’s not possible for some reason.

Would it be applicable for all possible threat models? Of course not, but it’d add a huge layer of security for most general users, upping the difficulty of malicious decryption from an “open the text file” level.

patagonian · March 12, 2024, 9:37pm

Personally for me this is the most important functionality that Obsidian is missing.

1- The encryption system should not depend on external plugins, a specific OS or need complex configurations.
2- Ideally it should work with the biometric systems of smartphones (faceID and fingerprint).
3- Give the option to encrypt a whole Vault or just a folder/file.