🔒 End-to-end encrypted

Secure, End-to-End
Encrypted Notes.

All content is encrypted directly in your browser. The server never sees plaintext — not even us.

Get started → How does it work?
Features

Everything you need

No bloat. Just the essentials — secure and fast.

End-to-end encryption
Every note is encrypted with AES-GCM 256-bit before it leaves your browser. Only you can read it.
Zero-knowledge
Your password and content never leave your browser as plaintext. The server stores only ciphertext.
Rich text editor
Bold, italic, headings, lists, code blocks — with live preview and spell checking in multiple languages.
Per-note todos
Attach a task list to any note. Todos can be reordered via drag & drop and are encrypted too.
Encrypted file attachments
Attach files to any note — images, PDFs, or any document. Everything is encrypted in your browser before upload and only ever decrypted for you.
Full-text search
Search titles and content of all notes — locally, without any server contact, with highlighted matches.
Auto-logout
After 10 minutes of inactivity you are automatically signed out, with a 60-second warning and the option to stay logged in.
JSON export
Export all your notes and todos in one click as a JSON file — for your own backup.
Dark & light mode
The interface automatically adapts to your system preference — elegant dark or clean light.
Keyboard shortcuts
Navigate entirely without a mouse. Ctrl+N for a new note, Ctrl+S to save, arrow keys for the list — and many more.
Categories
Organize your notes with color-coded categories. Drag & drop to reorder them — so you always stay on top of things.
Inline images
Insert images directly into your notes — with alignment options left, center, or right. Encrypted, of course.
Audio recording
Record voice notes directly in your browser. The recording is encrypted and attached to your note.
Import
Import notes, todos, and attachments from a JSON file — for example from a previous export or another device.
How it works

Security without compromise

Three simple steps — and your data is permanently safe.

Create an account
You choose a username and password. Two independent keys are derived locally from your password: an auth key for signing in and an encryption key for your data. The password itself never leaves your browser.
Write notes
Every note is encrypted in your browser with your personal master key before being sent to the server. The master key is randomly generated when you create your account and is stored encrypted on the server — only you can decrypt it.
Access securely anywhere
On your next login, your browser decrypts the master key locally and loads your notes. The server only ever transfers ciphertext — even a compromised server reveals nothing.

Important: Because your password never leaves your browser and all data is encrypted solely with it, there is no password recovery. Anyone who loses their password permanently loses access to all stored notes.

Technology

Under the hood

No marketing promises. Just concrete numbers and standards.

AES-GCM
256-bit encryption for every note — with a unique IV each time
PBKDF2
600,000 SHA-256 iterations for key derivation
0
Bytes of plaintext that ever leave your browser
WebCrypto
Native browser API — no external crypto libraries
CSP
Strict Content Security Policy, no inline scripts

Ready? Takes 30 seconds.

No newsletter, no email — just pick a username and password.

Open Encrypted Notes →