Taking down notes with privacy in mind.
Note-taking is essential in various aspects of life. For example, for students in class, for work purposes, for travel itineraries, etc.
Third-party note-taking apps like EverNote and OneNote are great for quickly capturing ideas and easily logging in to personal tasks and events. Therefore, we treat them like digital notebooks that we carry around.
However, our notes are not encrypted by these popular services and thus, can be easily read (most likely machine-read) by them. Therefore, in the possible event of a hacking leak, our notes may be compromised.
Our private notes are likely to contain sensitive data such as passwords, account numbers, personal to-do-list, medical appointments, etc.
The ideal note-taking app should ensure privacy and minimize risk by adopting a zero-knowledge encryption approach to storing our data safely.
Here are the technical considerations we used when compiling this list.
- What is the type of encryption used?
- What personal information (e.g. email address) do we need to give to the app or service?
- Is there an additional password-protection feature?
- Is there an option to use it offline?
- Is there a way to import & export notes databases manually?
- Does it have the ability to sync across different devices?
Here are the top 17 best-encrypted notes apps you can use as an alternative to using EverNote, OneNote and Google Keep.
Standard Notes
First on the list is Standard Notes.
The application is an open-source software project that promotes transparency and confidence among privacy-focused users.
It uses end-to-end encryption, regardless of the devices (e.g. Mac, Windows, Mobile) you are using.
Unlike other similar apps, Standard Notes does not have any form of tracking or intrusive advertising. Instead, they adopt respectful analytics that reports precisely what they track to their users.
Installation (privacy, if any):
- Can start using without providing any personal information (e.g. email address or phone number)
- To sync across different devices, you will need to register using your email address.
Encryption used:
- XChaCha20-Poly1305, one of the strongest forms of encryption available.
Supported Platforms:
Windows, Mac, Linux, iOS, Android, Web
The Good:
- Free (optional to upgrade further)
- Unlimited Notes
- Unlimited devices
- Sync across all devices (all mobile & computers)
- Works offline
- Databases can be imported and exported out manually
The Missing:
- More Custom Markdown Editors (requires upgrade)
- Daily Backup to cloud service like Google Drive or Dropbox (requires upgrade)
- 2FA (requires upgrade)
Turtl
Another open-source project, Turtl, is also focusing on providing privacy for note-takers on the move.
It uses the concept of “Spaces”, which are essentially different login accounts that you can use for various purposes, such as work, home, travel, etc.
It uses the popular Markdown format for note-taking.
If you prefer, you could also install your Turtl server at home or the workplace.
Installation (privacy, if any):
Mandatory registration using an email address.
Encryption used:
Turtl uses libsodium for all low level encryption (Chacha20poly1305 (IETF) algorithm).
Supported Platforms:
Windows, Mac, Linux, Android, iOS (coming soon), Bookmark Extensions on Chrome and Firefox.
The Good:
- Search via text or tags
- Unlimited devices
- Ability to collaborate and share your notes
- Attach photos and files to your notes
- Ability to import/export profiles for backup
The Missing:
- Only 50MB of note data (requires upgrade to reach 50GB)
- Collaborate up to 3 people on each space (requires upgrade to reach 50 people)
Joplin
Joplin is an open-source note-taking app that supports importing various formats from, e.g. Evernote and plain-text notes.
It uses an end-to-end encryption (E2EE) connection to sync to other third-party cloud services like Dropbox, OneDrive and Nextcloud.
Installation (privacy, if any):
Can start using without providing any personal information (e.g. email address or phone number)
Encryption used:
No encryption is performed on the local notes database on your device. Instead, E2EE is used when syncing across devices.
Supported Platforms:
Windows, Mac, Linux, iOS and Android.
The Good:
- Take photos and tag to notes
- Supports embedding of videos and audio files
- Ability to collaborate and share among users
- Uses common Rich Text and Markdown text editors
The Missing:
- Requires upgrade to Joplin Cloud in order to sync across all devices.
- Joplin does not encrypt their notes databases locally. Notes are encrypted only when in transit, e.g. when syncing across different devices and E2EE is being used here.
- Ask for location permissions on Android devices (can deny and resume the app).
EteSync
Like most apps, EteSync is fully open-source, with source code hosted in Github for all to contribute, review and audit.
Besides having the main note-tasking features, EteSync can also sync for contacts, calendars, tasks and notes with existing apps available on all major platforms.
Installation (privacy, if any):
Only username and password is required.
Encryption used:
Uses end-to-end encryption and TLS to ensure data transportation onto their servers.
Supported Platforms:
Web App, iOS, Android, Server
The Good:
- Ability to run your own instance
- Sync your calendar, contacts, and tasks
The Missing:
- Account wipe out and resetted if password is forgotten
- No 2-factor authentication (2FA)
Protected Text
Ever wanted to store text on the internet without anyone being able to see them?
Protected Text is a web-based online notepad encryption service.
Find a site page that is not taken, and create your own encrypted page in it with your own password.
For example:
https://www.protectedtext.com/<your-site-page>
The maximum length you can keep is about 750,000 characters per page.
Installation (privacy, if any):
No registration is needed. This is a web-based online service.
Encryption used:
Standard AES algorithm for encrypting/decrypting the content and SHA512 algorithm for hashing.
Supported Platforms:
Web-based and Android app
The Good:
- The online service tracks no one.
- No registration is required, no users tracking, no sessions and no cookies.
- No logins required
- No ads
- No passwords is saved on their servers. Only encrypted content.
The Missing:
- Password is required to enter the site URL. Once forgotten, there is no way to access the page.
NotesNook
NotesNook is a Pakistani company that has its physical servers located in Singapore.
Focusing on users’ privacy, the company offers zero-knowledge encryption and automatic syncing to unlimited devices.
Users can have offline access to their notes and perform manual backups if they want.
It uses tags and colours to customize and organize your notes and easily import from popular apps like Evernote and OneNote.
Installation (privacy, if any):
- Can start using without providing any personal information (e.g. email address or phone number)
- Email registration required if you need syncing features.
Encryption used:
It uses XChaCha20-Poly1305-IETF and Argon2 to encrypt your notes and also end-to-end encryption for syncing across devices.
Supported Platforms:
Web, Windows, Mac, Linux, iOS and Android
The Good:
- No data mining, no ads and no trackers
- Device-level encryption
- Additional app-lock features
The Missing:
- Requires upgrade for larger attachments and storage space.
- No refund for paid plan.
NoteRiot
NoteRiot is a decentralized note-taking service that utilizes Blockstack’s platform for data encryption.
It is based in the cloud for convenience and easy access everywhere.
For users’ simplicity, the app uses the “What You See Is What You Get (WYSIWYG)” mode instead of the Markdown format to start writing immediately visually.
Installation (privacy, if any):
Requires registration of BlockStack ID using an email address.
Encryption used:
Uses BlockStack’s encryption.
Supported Platforms:
Web-based cloud platform
The Good:
- No central servers
- Export your notes in simple markdown format to be used in other apps easily
The Missing:
- Requires one to create a BlockStack ID before using.
Cryptee
The company is based in Estonia, Europe, which is outside of the 14-Eyes countries.
Cryptee is designed to be an open-source progressive web app (PWA).
Designed to be a privacy note-taking app, it has most of the features of a modern-day notes app, plus a few more on the side.
Cryptee has a useful deniability feature that is called “ghost folders”. You can hide your documents and photos within these ghost folders.
When someone requires you to open your app, these files will remain hidden, giving you a good deniability feature.
You can write math using inline codes, use checkboxes & tables and use markdown & hotkeys.
Installation (privacy, if any):
Requires only a username to begin.
Encryption used:
AES-256 encryption algorithm
Supported Platforms:
Windows, Mac, Linux, iOS, Android and Chrome OS
The Good:
- GDPR compliant by design
- Does not ask for any personal identifiers
- Use on both offline and online mode
- Use tags for categorization of ideas
- Built-in Word (.docx) support
The Missing:
- Only 100MB for the free plan (upgrade can go up to 2TB)
- If you use only a username for registration, there is no way to recover back your account if you lost your password
Laverna
Another privacy-focused open-source project, Laverna keeps notes within so-called “notebooks”.
It offers a live markdown preview using its powerful editor so that users can write faster than usual.
The app has a distraction-free mode that goes full screen, so you can focus entirely on just writing your ideas out.
You can also choose to host your own Laverna or use the web app version.
Installation (privacy, if any):
No registration is needed.
Encryption used:
AES-256 encryption algorithm
Supported Platforms:
Web app, Windows, Mac, Linux, Android (coming soon).
The Good:
- Compatible with third-party services like Dropbox for backup
- Has a web app version
- Can host on its own
The Missing:
- Limited editor format
- Not much customisation can be done
SafeRoom
If you are a current Evernote or OneNote user, you should know that your notes are not being encrypted and pose a privacy risk. Therefore, you may want to give SafeRoom a try.
It acts as a “middleman” between your data and your favourite notes app, securing your data before it transits out of your device.
What it does is to configure your Evernote or OneNote account with SafeRoom with a master key, and it will encrypt all your notes locally on your device.
When you sync your notes to your app server, your data is already encrypted by SafeRoom, and no one can read it.
Installation (privacy, if any):
No registration is needed. Just provide and remember a master password.
Encryption used:
AES-256 bit encryption
Supported Platforms:
Windows, iOS and Android
The Good:
- Password is stored locally and not synced to anywhere
- Encryption and decryption is done locally in memory
The Missing:
- Currently only supports Evernote and OneNote apps
Etherpad
Etherpad is a popular online editor that encourages collaborative editing in real-time.
It is also an open-source project that supports over 105 languages and more than 290 plugins.
Etherpad plugins range from font customization to exporting Markdown formats to even applying a table of contents for your notes.
Just choose any one of the public instances, or you can set up your instance.
Installation (privacy, if any):
Some public instances do not require any form of email registration. However, it would be best if you found them.
Supported Platforms:
Web-based, Windows, Mac or Linux.
The Good:
- Lots of public instances to choose from
- Cool customization of editor’s appearance
- Good community support and a dedicated Wiki page for troubleshooting issues.
The Missing:
- Installation instructions for Windows/Mac/Linux can be confusing. Most users will opt to use the web version of Etherpad instead.
CryptPad
CryptPad is designed to collaborate with others in a secure and real-time manner. It is a full-fledged office suite, equipped with Rich Text, Spreadsheets, Markdown and others.
The encryption and decryption are done via the users’ web browser; therefore, all the data and files are safe from prying eyes outside the session.
The service offers CryptDrive, an encrypted “team drive” folder concept that users can share with access controls. Within the drive, users can create, upload and edit files.
CryptPad is open-source, and you can choose to host your own. The source code can be found in Github.
Installation (privacy, if any):
Only require a username and password to encrypt your notes pad.
Encryption used:
CryptPad primarily uses the symmetrical encryption “xsalsa20-poly1305” for its use cases.
Supported Platforms:
Web-based; runs from your web browser.
The Good:
- Different supported documents types
- Built-in chat function allows writers to collaborate better
The Missing:
- If password is forgotten, your files are gone. No one can recover it.
- 1GB storage is too small (requires upgrade to increase to 50GB)
- Mobile screen may be a little small for web-based editing.
OmniFocus
If you are looking for more than a note-taking app for your organization well, Omnifocus can be considered.
It is an encrypted task management software that is catered for enterprise use.
It enables syncing across devices, organizing actions into projects, and various keyboard shortcuts customization functions to quickly write down notes and ideas.
You can also add graphics and audio files in your notes while creating unique tags for entities such as location, person, etc.
Installation (privacy, if any):
Commercial software tool built for organizational use. Registration requires email addresses and payment details.
Encryption used:
AES-256 in CCM mode and supports end-to-end encryption.
Supported Platforms:
Web, iOS, Mac
The Good:
- Review feature can be used for periodic reminders of projects’ statuses.
- Can use Siri to add an action into Omnifocus.
- Set notifications and repeating actions for your tasks
- Allows for batch editing (good for mutiple notes)
The Missing:
- Only a 14-day trial, before the full price kicks in.
- No free version to try.
Obsidian
Obsidian is 100% free for personal and educational use, and there is no need for an account to use it.
Plugins like calendar, audio recorder, word count, file recovery and others are helpful when writing down notes.
Obsidian has the Graph view plugin to capture ideas creatively, which is a graphical representation of internal links between your notes, and you can interact and visualize these connections in Obsidian.
Notes are, by default, auto-saved every 10 seconds without worrying about losing data.
Installation (privacy, if any):
No account registration is required.
Encryption used:
Advanced Encryption Standard (AES) 256 in GCM mode.
Supported Platforms:
Windows, Mac, Linux, iOS and Android
The Good:
- Ability to import existing Markdown files into Obsidian
- Allows for syncing with Dropbox, Cryptomator, and others.
- Over 35,000 members of community support in their forum and Discord channel.
The Missing:
- Does not currently have a WYSIWYG editor.
- Once password is forgotten, there is no way to recover back your data.
Bear Notes
Bear Notes is designed and created specifically for Apple devices. It has beautiful themes, typography and dark mode for different settings to ensure that one suits your style.
Because it uses iOS or macOS, you can use Touch/Face ID to open your notes.
Features such as in-built word count and reading time make writing convenient.
Bear Notes can also convert all the notes easily into PDFs and Word documents for safekeeping or sharing with others.
Installation (privacy, if any):
Requires email address for registration.
Encryption used:
Each composed note is secured via the Themis Open Source library (AES-GCM-256 with ZRTP KDF) with a per note unique encryption key.
Supported Platforms:
Apple devices, such as iPhone, iPad, Macbooks.
The Good:
- Elegant and beautiful notes app
- Clean interface
- Multi-device sync via iCloud
The Missing:
- No support for Windows and Android users
- Encryption of individual notes requires premium paid plan
Paperwork
Paperwork has been under development for some years now and getting good reviews.
It is a privacy-focused, open-source, self-hosted alternative to the popular note-taking apps like Evernote and Microsoft OneNote.
You must install the software on your own in Github.
Installation (privacy, if any):
Install manually on your computer. No personal information is required.
Supported Platforms:
Windows, Mac and Linux
The Good:
- Active online chat platform
- Open source and transparent in its code
- Self-hosted meaning the storage and speed is within the user’s control
The Missing:
- Difficult for non-technical users to use as they need to compile and install the source code on their own.
SilentNotes
SilentNotes is a simple cloud-based open-source software that uses the WYSIWYG editor and end-to-end encryption to sync Windows and Android devices.
It has no ads, does not collect personal information and values users’ privacy.
The editor comes with dark mode and basic formatting features like the use of lists and headers.
SilentNotes encrypt your notes before they leave your device to the cloud for storage and retrieval.
Installation (privacy, if any):
Installation via Microsoft Store and Google Playstore.
Encryption used:
XChaCha20-Poly1305 symmetric authenticated encryption.
Supported Platforms:
Windows and Android
The Good:
- Ability to lock selective notes with a password
- Offline and online usage available
The Missing:
- Simplistic design and no room for customisation.
- Basic features.