Obsidian’s local-first Markdown vaults are awesome, but the lack of native local encryption in 2025 is ridiculous. OneNote has password-protected sections, and privacy-focused apps like Proton’s Standard Notes offer local encryption by default. Forcing users to rely on third-party apps like Cryptomator is a weak excuse, and local encryption fits Obsidian’s ethos of user control perfectly. Here’s why.
OneNote and Competitors Nail Local Encryption
OneNote lets you password-protect sections with AES encryption—simple and secure. If someone accesses your device, those notes stay locked. Obsidian’s vaults? Just plain text Markdown, readable in any text editor. Competitors do better:
- Standard Notes (Proton): Notes are locally encrypted with XChaCha20 before saving, keeping them secure on-device, even without syncing.
- Notesnook: Encrypts notes locally with AES-256, protecting them at rest.
- Joplin: Offers local encryption for notes stored on your device.
- Apple Notes: Locks notes with AES-GCM encryption, keeping them secure locally.
These apps show local encryption is a must for note-taking in 2025.
“Encrypt Your File System” Isn’t Enough
The default advice—use BitLocker or FileVault—doesn’t solve everything:
- Not always an option: Work or shared devices often block system encryption.
- Targeted risks: A nosy coworker or thief could target your notes specifically.
- Cloud syncing: Vaults synced via Dropbox or iCloud are plain text without extra tools.
Local encryption would protect your vault directly, no matter the device or context.
Third-Party Apps Are a Bad Workaround
Relying on VeraCrypt or Cryptomator is clunky:
- Too complex: Most users aren’t tech-savvy enough to set up encrypted containers.
- Sync issues: These tools can mess up cloud syncing, especially on mobile.
- Mobile pain: Options like Cryptomator are often paid or awkward on iOS/Android.
In 2025, a note-taking app shouldn’t outsource security to external tools.
Local Encryption Fits Obsidian’s Ethos
Obsidian’s all about user control and data ownership—local files, offline-first, no lock-in. Local encryption aligns perfectly:
- Choice: Optional vault encryption lets users decide their security level.
- Seamless: Keeps security within Obsidian, no third-party hacks needed.
- Privacy: Protects sensitive notes like journals or work data on-device.
Without it, Obsidian’s promise of control feels half-baked.
Encryption is Standard in 2025
With privacy concerns and laws like GDPR, users expect note-taking apps to secure sensitive data locally. Standard Notes, Notesnook, and even Apple Notes deliver. Obsidian’s lack of local encryption feels outdated. Plugins like Meld Encrypt are unofficial and unreliable—native support is the answer.
TL;DR
Obsidian rocks, but no local encryption in 2025 is completely absurd. OneNote and Standard Notes show how it’s done, and it fits Obsidian’s ethos of control. Why force us to use third-party apps?