Encrypted At Rest
-
Are there any considerations to add a feature to encrypt Day One at rest? Similar to a password vault?
E2EE is good, but I think some of us sharing some of our most personal moments would appreciate the ability to encrypt our journals at rest on the device as well since everything is open in a sqlite file. -
Hello @wyomingjarbo!
We have discussed this with our engineers before.
Encrypting data on the local filesystem presents challenges because it restricts search functionality, making it significantly slower.
Additionally, every image displayed would need to be decrypted in memory instead of being directly accessed from disk, resulting in increased memory usage for Day One.
Considering that macOS already provides full-disk encryption secured by the user’s login password, if you’re concerned about on-disk encryption and share a computer, I recommend using macOS user accounts. Each user can have their own account, ensuring that they cannot access your Day One data.
I’d be happy to submit a feature request on your behalf for future consideration.
-
Yes I understand the challenges of encrypting an entire journal and attachments. I think a reasonable compromise would be the ability to encrypt certain entries, and decrypt them when needed. Obviously this would impact search but I think that’s worth it.
Please consider submitting a feature request. Thank you.
-
Day One Forums 