20
votes
What Is A Secure Note-Taking App?
I've been using Google's Keep Notes for all my note-taking, but I would like to shift away from that and use an app that is more secure. I've heard of Notion and Evernote but I'm not sure about their level of security/encryption. Any suggestions?
You can also set up Obsidian, which is what I use for my journals and research taking. I use syncthing to sync between my devices (no central server needed). That way it remains only on my devices, and nowhere else.
+1 for Obsidian. Everything is local to your device. And files are in open markdown format so they can be easily imported into other note apps.
My biggest issue with it is that syncing is a pain in the ass. Google Drive and OneDrive just don't work well enough. Obsidian Sync is too expensive and a pain to configure. And I've had so many conflict issues with syncthing when I tried that. So I've just resorted to manually uploading backups regularly to OneDrive and pulling them down on mobile when I need them.
I use this https://github.com/vrtmrz/obsidian-livesync
It's admittedly not perfect. For one, it requires a server to host, and the more services I self host, the more work it takes from me to make sure it doesn't break.
I really wish something like this was native to the product, because their managed solution is 10 bucks a month, which, while I like the product, is just an absolutely absurd price to pay for notes synchronization.
Yeah that's more than I want to do, honestly. I just wish I could put in my OneDrive or Google Drive credentials to my vault settings and have it auto-sync with that service.
Obsidian Sync may be expensive, but I do not consider it painful to configure. I have zero issue importing vaults to new devices and syncing devices, even between mobile and desktop. In fact, the reason I moved to Obsidian Sync is that other syncing options, including syncthing, are a bit flakier and come with more hassle than Obsidian's own service.
I paid for it during the end of 2023 sale and haven't been able to get remote vaults working properly. It's been annoying and I won't be resubscribing.
How can you fail in it? You just create the vault and it works.
Then switch to the same remote one on every device and you're done.
The only downside to obsidian, is the fact that you need to install a client to use it. I personally work in an industry where that’s not possible on my work machine, but using something like Notesnook or Evernote’s web UI was permitted. Something to keep in mind depending on use case.
Please do let me know if that has changed recently, because I really did enjoy Obsidian outside of that one issue. I’d even be okay with paying for sync again if it meant I could use a web app when required.
Since it's just markdown, you could use any text editing software technically. It wouldn't have any of the nice features, but it might be enough for some usecases
I use Triluim. You can run it either local-only or you can run a server instance and sync to that. It has a local client, but you can also access your server instance using a browser, access to which can be password protected. If you want, you can also have note- and tree- level encryption.
It's a bit of a pain to setup and there's no mobile apps for it, but the mobile web UI isn't terrible.
I might try this out when I have the time. Mobile UI is a major nice to have, but at least if it’s usable to jot stuff down it might be able to suit my needs. Thanks for the recommendation!
I'm surprised that a company would forbid installing local software, but allow storing company data on a third party server (encrypted or not).
That's not unusual. It's much harder to enforce the second than the first.
IT department doesn’t want to have to police it I believe, so they simply disabled the ability to install applications outside of their whitelisted ones. There is already a policy in place where any sensitive information cannot be handled outside of dedicated channels. I use it for short meeting notes to keep track of things to follow up on, or if I get a solution to a problem while at home.
Ugh, I've wished for a portable version of Obsidian since early beta. Keeping it on a flash drive would be so convenient.
It’s a bit of a hacky workaround, but it’s definitely possible to make a docker image with Obsidian installed on a Kasm image, which would provide you with essentially a virtual desktop with access to the app. Hosting it on something like Oracle’s free tier would be more than sufficient.
That being said, Standard Notes was what I used in your situation. It’s pretty good, but I grew concerned about the lack of ability to just pull things out of the database at will (You need SN to access the files, it’s not plain markdown like Obsidian), and the markdown support wasn’t nearly as great as Obsidian’s… But that may have changed between now and then. It’s a great app, otherwise and completely web-first.
This is exactly what I do. One of my devices happens to be a VPS I run a few services on, and with that I get my "always-on, in the cloud" syncing service.
What does secure mean to you - what are you trying to protect the notes from? Criminals? Third parties? Governments? Google?
Good question. 1Password has “secure notes” that are encrypted and as secure as one could ask for. But it’s a password manager, not a true note-taking app. If OP is looking for high security and willing to sacrifice… well, basic notes features… it’s certainly an option. My guess is that’s not what’s being asked for though.
I am a huge fan of Notesnook, they have most of the platform open sourced with plans for their sync server later this year (they technically had it open sourced, but it wasn't selfhostable easily).
E2EE, great pricing, incredibly fast, and has some great features. They've been pretty faithful to their roadmap, and they just passed 100k users. I've been using them for my quick notes for the past two years or so.
If you're ever used Evernote in the past, this is the OSS* encrypted equivalent.
As someone who has tried Notesnook, Obsidian (paid), standard notes, apple notes, Evernote, Joplin, Notion, and OneNote, my vote would be for Notesnook.
It’s super easy to get started, the developers have followed their roadmap and continue to improve it as u/drannex has said, and the self hosting option should be coming (soon). I’ve been happier with Notesnook than any other app in my list in terms of security and interface combined. Some apps might “look” or “feel” better to use, and some apps (when using a custom setup) might be more secure, but no app is as high in terms of combination of both functional and secure as Notesnook seems.
I have had issues with Notesnook before (specifically an issue where I couldn’t enter the 2FA code because of a UI bug on my phone, but that has been fixed, and outside of that, it is great.
I love Notesnook’s themeing, sharing of notes as webpages, and its snappy load times. Once they improve hashtag search and allow nested notebooks, I’ll be ecstatic.
I hadn't heard of Notesnook before. Looks nice. Don't love that you only get 3 notebooks unless you pay $50/yr though. Maybe I'll look into it again when they release their self-hosted option.
They have great tag organization, and the ability to nest notebooks that won't count against the quota.
Not just that, but they tend to run deals quits a bit. You can also take the student discount if applicable for $9 a year... (they also change the pricing depending on the region, so if you were to use a different region, it will change the price considerably).
It's nice there are deals but I really don't want to be paying a subscription fee for my notes app. I already have too many subscriptions.
I've been self-hosting Joplin for a little while and it's pretty good. Everything syncs in the background, easy peasy. It's not the prettiest note-taker in the world, but it's open source and it gets the job done. I found with solutions like Notion or Obsidian I was spending too much time thinking about the how of taking notes and not the what. Joplin is just functional enough for my needs, but not so powerful that I get carried away with trying to maximise my efficiency. Things just go into an inbox notebook throughout the week, and I have a weekly reminder to review all those notes and sort them into their forever homes.
You know what has actually been a fantastic note app and shared calendar? A private Discord server.
Different channels for different topics of stuff. Good markdown support and threads for chatting make it that much easier as a collaborative tool. My wife and I use it to plan a good bit of our stuff. You can add bots if you want to automate things.
Got a grocery list to make? Start a thread, put one item per message. Delete message when you get item.
For the rare occassion I'm fully offline, I'll use some random offline-only notepad app on my phone or vim on the computer.
I would put Discord near the bottom of the list if the op is looking for security/privacy.
You could do the same with something like Matrix, Mattermost, Rocket.chat, or Zulip.
Matrix has my vote for secure, as it's based on encryption, and Rocket.chat for general UI and selfhostable ease.
Not saying it's a great option, but it's doable.
Depends on your definition I suppose. They've got a robust bug bounty program and, to the best of my knowledge, not been hacked. And that's secure enough for my needs.
Would I use it to plan a revolution? Probably not. But I appreciate they're still a smaller independent player.
And for me, it was the 'collaborative' bit that is key. @drannex mentioned many other options I would prefer...but I'm also not the only one who has a say.
Otherwise the answer is 'literally anything that works offline and you manually setup syncing.' And the security is only as good as your syncing.
This is what I do, and honestly its biggest downside for me is that Discord just DISAPPEARS when you have no internet. I don't get it!!! This screen has been showing on my screen for the past 3 hours, there's no way it deletes the text from memory then goes to fetch the new version then realizes it cant and so has to display nothing; so why doesn't it just continue to sit there and say "experiencing connectivity problems" the way Slack & Element do??
Standard Notes is great. You do have to pay for most features, but for a basic note taking app that's E2EE and syncs across most platforms, the free tier is completely usable.
My partner and I use standard notes, with a single username and password, to collectively edit grocery lists, wish lists, holiday gifts, and similar. For free, it is excellent and E2EE. If you pay you get some nice features, themes, and multi-account, but the free tier is plenty for us.
I have used many different note taking apps and currently use UpNote. You pay once and can sync across computers.
https://getupnote.com/
Honest question: Other than syncing, what features do people like in these fancy solutions? I'm not seeing the appeal. I have an Android app which lets me type characters into separate notes, and that's all I've ever needed for basic jotting things down. If I need anything more complicated than that, I'll just create a full-blown Libreoffice doc as needed.
URL hyperlinking is always useful.
An android widget is great, it forces you to look at your notes every time you go back to your home screen. Google Keep has the best widget for my needs by far unfortunately.
The lack of tagging starts getting painful in Keep as your number of notes grows. Sure I can search for text inside notes, but it would be nice to view all related notes at once.
Why do you say "other than syncing" ? That's a huge problem that needs a good solution.
I've been getting on for years without syncing much of anything. At most, I access Nextcloud from multiple devices, but that's about it.
But, are you saying syncing is it? It's the big draw?
For me at least, yes. Depends on what I'm writing down as notes but usually it's IRL things like a shopping list or recording the time of day I took a medication. A lot of these things will be either a) I want to compose at PC & have available on mobile; or b) I want to compose on mobile and see the aggregate at PC.
Multi user support is nice. We maintain several ongoing notes to do with the house which anyone can add to - shopping lists, chores needing doing, things to remember, etc. We have a calendar for specific events but shared notes are super useful for less time-dependant things.
It'd help to know what other features besides encryption you're looking for. I would not recommend Evernote, as the quality to price ratio has been declining for a while now.
I've heard good things about Obsidian, but if you're okay with a smaller feature set, Joplin is a nice free and open-source alternative that can sync to Drive, Dropbox, etc. and also has encryption. I personally sync it to my local file system and let my own file sync service sort it out.
Notion is also fine too, but I found that to me it wasn't worth the price. Many others I know are perfectly happy with it, though.
Seconding this. I’ve been an Evernote subscriber since the early days, like 2008 or so. Sadly they are now in the late stage of enshittification and I can no longer recommend them to anyone.
I haven’t found a replacement yet but I’ll be noting the suggestions here. I don’t really take notes frequently enough for it to be a high priority. But I’m getting pretty tired of giving Evernote my money.
If you want to sync to a Google Drive or Dropbox (and not use Obsidian's custom build sync feature) Obsidian is also free to use.
I like using Cryptee. It is simple, clean, and easy to use. I liked Standard Notes back in the day, but I didn’t like how limiting the features were without a subscription. Cryptee lets me save photos, write essays, and take notes easily with their Progressive Web App. If I am not mistaken, they are an Estonian based company. So do with that as you will and good luck finding a secure note-taking app!
I mentioned it in a child comment in here but I figured I should make a root comment as well.
I use Trilium, which supports syncing if you're willing to put in the legwork to self-host a server instance. The server also provides a web UI, but the local client can sync to it as well.
I've been very happy with it, but it's not as turn-key as Notion. If you're comfortable with Linux, you can spin up a Linode and it'll run quite nicely. You can also password-protect the server instance and serve it over HTTPS with nginx (both of which I recommend). If you want encrypted notes, you can do that on a per-note or per-branch basis. Your notes are all stored in a SQLite database, so emergency retrieval is...doable.
It lacks a lot of creature comforts of Notion (lack of a database analog being a big one for me) and quite a bit of the polish, as well. But it's free, open source, and selfhostable.
I haven't used it very much yet, but I recently set up a combo of Obsidian for notes and Syncthing for syncing the file between my windows and android devices. So far I really like the setup, plus it's very secure due to the way the two programs work. Setup was quite easy, as well, although it did require just a tiny little bit of tinkering.