I must say, something that scares the begeebees out of me is that if you forget your password, or mistype it wrong twice, your notes are gone. Nobody can get them back.
People in this day and age are used to forgetting passwords, or using some password manager. They never expect that if they forget a password that it is game over. They just go to the web site and hit “Forgot Password”, get a link emailed etc.
We are going to think about it some more. Maybe there is a recoverable way to do it. Not sure.
I agree; it is scary. It may not be worth taking on the responsibility of implementing complete data at rest encryption (on the device & in the cloud). The solution I proposed should be recoverable as only the data in the cloud is encrypted while the data on the device is still in clear text within the application. The user could create a new password for both devices and resync to the cloud. The responsibility for data at rest encryption on the device could rest with the individual or Apple. People that require data at rest encryption for their MacOS device at least have the option to use FileVault for whole-disk encryption in the meantime.
As for protecting Agenda data from prying eyes on the device, Agenda could use the usual pin and/or Touch/Face ID mechanism to prevent flagged notes from being visible until unlocked. If the individual forgets the pin, perhaps it could be reset once re-authenticating to their Agenda account.
I appreciate you taking the time to read my comments. In the meantime, I will be purchasing the iOS version of Agenda today. I have confidence that your team will figure out a solution. Good luck!
I realize this is an old thread but I’ll chime in nonetheless. I’m a premium user but I can’t use Agenda at work. It is installed on my company-provided MacBook Pro, MacBook Air, iPad Pro, and iPhone but, like I said, I can’t use it because there’s no end-to-end encryption. If you guys enable that I’ll be able to actually use what I paid for. I didn’t realize Agenda doesn’t have the security levels I need when I bought the premium subscription. I don’t regret paying for premium features because I like Agenda. I’m hoping you can provide end-to-end encryption soon (and the ability to paste pictures inline into a note.)
Hi! You can actually reset your notes password using your iCloud account. After entering your iCloud password, a new window will pop up for your to enter your new password for your notes.
I’d like to add my support for end to end encryption.
I recently had a support experience with Apple for a problem with my iCloud Drive, and talking to the completely normal humans there made me feel very aware of the total lack of privacy of my unencrypted files in iCloud. Any of the more senior support technicians (and there are surely lots of them) can access literally all of my iCloud data.
Of course we all know this, but having a conversation with some of the real humans who have that access brought it home for me.
I would very much like to encrypt my Agenda journals. It feels strange that it’s not an option (i came here from Day One)
I’m completely confident you can come up with solutions to the search indexing difficulties ^^ (perhaps just encrypt the index too?)
Agenda is totally awesome and a great concept. Thank you!!
I’m using Ulysses almost every day, they also have a password protection. But it’s like a master password. You need it to enter the software. But actually I would strongly prefer to set up a protection for certain projects or categories or sheets or whatever. If you’re working in different locations or for different clients or in different surroundings in general, the individual protection is what is needed…
I want to add that there will be a number of security/privacy conscious users that will not be willing to use the sync features (iCloud) without End-to-End encryption. I understand when you say that you are scared of the forgotten passwords but that should be for the individual to decide. If there is a password recovery mechanism then what’s the point of having information encrypted. End-to-end encryption is becoming more and more familiar to users and they understand when you give them a warning that losing the password will lock them out forever. Users will only trust your encryption if they know you do not have a backdoor to recover their password.
Two of the apps that I use regularly, that use end to end encryption are DayOne and Standard Notes.
DayOne allows end to end encryption journals but it warns you that you will lose some features if you use them (no web editing for example). That is understandable and and a compromise that many users will be willing to make for the sake of privacy.
Standard Notes allows encryption across all notes and does allow rudimentary search as well. You can even look into how the encryption works for it since it is an open source project.
I am glad that end to end encryption is in your road map and will be looking forward to when it is implemented. Unfortunately, I will not be able to use it for much until that feature is added. And of course, it can certainly be a premium/upgrade feature.
Yes, we will likely add it at some point. And yes, “lose your password, and your data is gone” seems to be the approach we will have to take.
I worry about it, because people are used to web services where if they forget their password, they just request another be sent to their email address. With this encryption, there is no recourse. That was the concern, but I guess we just have to suck it up and make sure our customers are very sternly warned.
Up to know I thought sync via iCloud has automatically End-to-End encryption because libraries (CloudKit) provided by Apple must be used. Is this wrong?
If I understand it, iCloud Drive does use encryption, at least if you believe Apple:
It is not end-to-end as far as I can see. The data is encrypted on the server, but presumably Apple engineers could access it if they had the key. With end-to-end encryption, that would not be possible.
Some of Apple’s services are end-to-end encrypted (eg Health data), but iCloud Drive is not.
I assume that CloudKit, which is part of iCloud Drive, has the same encryption. Namely, the data is encrypted, but not end-to-end encrypted.