I would also love to see Encryption at rest. I am a network engineer and love this app. But I would like to have the “vault” to be encrypted. Think like Bitwarden. Open app and type password. (or on mobile password and/or Bio-metric) Then if you happened to walk away from your PC or phone for X Minutes the Database of all your personal details and/or scripts which may contain passwords are encrypted. Using the word “vault” makes it sound more secure than it is. I would donate to this feature.
Yes, I can encrypt my phone/PC but one is none and two is one! (layers of encryption)
may be create something like .secrets to have encrypted files stored in there using AES encryption with the desired password. To access the vault and edit the file - one will have to enter the password. Once the file is closed it is encrypted again.
Perhaps ‘encrypt’ is not the correct technical term to express what I had in mind.
I was thinking of simply being able to select text or part of a note (such as a sentence, a paragraph) and make it ‘unreadable’ unless one clicks on it and enters a password.
I was thinking more in terms of privacy (for example: when working around others), and not necessarily in terms of data security.
I would also like something like this, or even the ability to password protect a folder within the vault. In my case, this would be for personal journaling. At the moment I know it is possible to keep this in a separate vault (or a separate application), but I guess I like the philosophy of having everything in a single vault.
Many ways to encrypt a vault.
Individual files would be much more complicated because Obsidian’s functions (search,linking,graph) require all files in the vault to be read.
Something like https://cryptdown.eu/ would be sweet as a plug-in that prompts you for the password and then encrypts/decrypts a note directly in Obsidian’s edit mode.
Would love to see built-in vault encryption, a useful feature so that a vault may be hosted on a cloud drive, but is only viewable by the owner, preventing bots and curious eyes from trawling through personal data.
I’ve had a good experience with encrypting specific folders of my vault (or, an entire vault) using Boxcryptor. A pin is requested at startup, and if I fail to provide it that folder doesn’t appear when I open Obsidian as all the .md files are encrypted into gibberish (with a different extension).
@icebear Would you mind explaining a bit more your process?
For example, is the pin requested when you open Obsidian or when the computer starts? What is the “different extension”?
I need to launch Boxcryptor and enter the pin before launching Obsidian. Otherwise, Obsidian can’t find the vault at all. You can set up Boxcryptor to launch at start if you like.
Boxcryptor changes all file extensions to a different one (.ch?) while they are are encrypted. If you force them to open with Notepad you’ll just see encrypted gibberish. Once you enter the PIN in Boxcryptor they’ll open as proper .md files.
Edit: given the base functionality (as I use it) is free, I suggest downloading it and trying it out with a test vault, which is what I did at first.