#14 How to Encrypt Sensitive Notes — And How Secure Is It?
Folder-level encryption — lock an entire folder, and every page inside is encrypted.
How to encrypt
- Create a folder (or use an existing one)
- Tap the lock icon on the folder
- Set a password
- Done — everything in that folder is now encrypted
What happens
- Notes are encrypted with AES-256-GCM — the same standard used by banks and governments
- Your password is never stored anywhere
- Even if someone accesses your device, they see gibberish without the password
Using encrypted folders
- Unlock: tap the folder → enter password → edit normally
- Lock: close the folder or tap the lock icon
- Content is decrypted only in memory, never written to disk unencrypted
Can it be cracked without the password?
No. Not by us, not by hackers, not by anyone.
- AES-256: Breaking it by brute force would take longer than the age of the universe
- PBKDF2 (100,000 iterations): Makes password-guessing attacks extremely slow
- GCM mode: Any tampering is detected
What if my device is stolen?
Without your password, the encrypted content is just random noise. The attacker can see the folder exists, but the contents are completely unreadable.
What if PenPage's servers are breached?
Your encrypted notes aren't on our servers — they're on your device (and your Google Drive if you sync). And even there, they're encrypted.
The trade-off
This level of security means we cannot help you if you forget your password. See #15 Forgot Your Password.
Perfect for
- Account passwords and credentials
- Personal journal entries
- Financial notes
- Anything you'd rather keep truly private
Your secrets stay secret. Not even PenPage can read them.