Question About Obsidian Sync Security

Hi everyone,

I have a question regarding the security of Obsidian Sync. While using the service, there are times when I need to store personal information, such as my ID and passwords, within my notes. This makes me wonder about the security measures in place for Obsidian Sync servers.

Specifically, I’d like to know whether files that I delete are physically removed from the server or if they are simply unlinked from my vault. If they are not physically deleted, wouldn’t it be safer to have an option to permanently remove them? I’m concerned that sensitive documents lingering in the cloud could pose potential security risks.

If the sync service ensures a high level of security, I might consider using it as a key vault as well.

I’d appreciate any insights or official information on this. Thanks in advance!

I can’t answer about Sync’s technical details. There is info about the encryption here Security and privacy - Obsidian Help

I can question your phrase “need to” here.

Sync’s security aside, your vault is plain text on your devices. Please consider using a password manager, like Bitwarden. (There are several more. That’s one I use.)

I absolutely don’t recommend you use a vault as your password storage.