About Secure Notes

Why is it Secure?

Secure Notes uses a Zero-Knowledge architecture. This means your data is encrypted before it ever leaves your browser or is stored on our server. We do not have access to your keys or your notes.

AES-GCM 256

Industry-standard authenticated encryption ensures your notes are both private and tamper-proof.

PBKDF2 Derivation

Your keys are derived from your Phrase and PIN using 100,000 iterations, making brute-force attacks extremely difficult.

No Persistent Keys

Encryption keys exist only in your session. Once you logout or close your browser, they are gone.


How To Use

  1. Login: Enter a secret Phrase and a 4-digit PIN. These combined form your unique identity.
  2. Create Notes: Write your sensitive information and save it. It's encrypted instantly.
  3. Access Anywhere: Use the same Phrase and PIN from any device to retrieve your notes.
  4. Logout: Always logout when finished to clear your encryption keys from the session.

Warning: If you forget your Phrase or PIN, your notes are lost forever. We cannot recover them.


Frequently Asked Questions

Can the administrator read my notes?

No. Due to our Zero-Knowledge architecture, the encryption key is derived only from your Phrase and PIN, which are never stored on the server. The admin only sees encrypted, unreadable data.

Can someone decrypt my notes with a generic AES key?

No. AES-GCM encryption requires the exact same key used for encryption. Since your key is uniquely derived from your credentials, no other key—generic or otherwise—can unlock your data.

What is PBKDF2 and why 100,000 iterations?

PBKDF2 is a "key stretching" algorithm. By running 100,000 iterations, we make it computationally expensive for an attacker to try millions of combinations (brute-force). It's like adding a massive time-delay to every incorrect guess a hacker might make.

What happens if I lose my Phrase or PIN?

Because we don't store your keys, there is no "Forgot Password" feature. If you lose your credentials, the data is mathematically impossible to recover.