Great to see this being considered. A lack of proper end-to-end encryption is the one thing keeping me from going premium on Dynalist or Workflowy - I need some reassurance that compromised servers wonât also compromise my data!
4 Likes
I see the problems of encrypting all content with a single key, so I voted for encrypting each document individually.
However, it would still be nice to encrypt everything with a single key during export (both manual and automatic). This would reduce the number of possible breaches from three or more (Dynalist server, Google or Dropbox server and every single computer or medium containing a manual backup copy) to just one (Dynalist server). And it wouldnât induce the problems of end-to-end encryption.
(I know that there is a feature request regarding encrypted automatic daily backup, but I think that the above might be beneficial to your poll.)
1 Like
I feel the âjust oneâ breach point (i.e. Dynalist server) is what people are most concerned about, therefore weâre only asking about end-to-end encryption vs simple password protection here.
For me, a backup needs to be useable outside of Dynalist. How does that happen if itâs encrypted. Is there a way if I know the key to decrypt it apart from DynaList?
1 Like
Thanks for your answer â so do I.
Itâs hard to explain why I wrote this. Maybe like this: Iâm a developer myself, and it has always helped me when someone pointed out (seemingly) related things. 
The export key could simply be stored in Dynalistâs settings. But I did not want to hi-jack this topic and think that further discussion of this topic should happen in *Encrypted* automatic daily backup. Thanks!
I asked the same question there with no answer. I also disagree that this is an independent question. The purpose of backup is an independent copy of my data. Encryption secures my data from reading. Backing up my data unencrypted foils the security. Backing up my daa encrypted also must be decryptable by me or the backup feature becomes pointless. I assume these matters impact the poll.
One solution is to provide a lightweight standalone HTML page that would take a .zip file, a key, and output the decrypted content.
Because this HTML page doesnât need to have any of Dynalistâs functionalities, it can be quiet small and lightweight. Itâs not prone to change either. You can download it once and store it in your Dropbox/GDrive for later use.
3 Likes
I would suggest to use a standardized encryption scheme so that third party apps (e.g. apps that operate over the api, say Quick Dynalist) also can use the respective decryption / encryption routines.
Of course, itâd likely be something like AES-128 which I believe is one of the most popular encryption schemes around for this kind of use-case.
Itâs great to see that you are seriously considering adding encryption to Dynalist. Do you have any ETA for it?
2 Likes
i voted for encrypting all of dynalist with a key first because i was thinking that encrypting each document individually would mean having to have a separate key for each one⌠but maybe im reading that wrong? could you just use the same key to encrypt multiple documents?
that would be my use case anyway. i would probably encrypt most of my documents and leave the 2 or 3 documents i want to share unencrypted
i wouldnt be too worry about losing the encryption key myself. i would have it stored in my keepass database which is backed up to multiple locations!
For my needs of private journaling, the ability to password/PIN protect on a document-level(and encrypt the document with the same password) a great solution. I imagine it working the same way Apple Notes work, you can individually select which notes you want Locked and you can protect those with a PIN, and it syncs all the same on all devices requiring the PIN(separate from iCloud password) to view or edit Locked notes.
Right now the way I mitigate is by using Apple Notes for journaling and Dynalist for content I donât mind being public, if PINs come to Documents on Dynalist, I see no use of using Apple Notes.
-Michael 
Lack of encryption is the only thing thatâs holding me from migrating to Dynalist. Can you give us an ETA on this feature? So I donât have false expectation. Thank you.
2 Likes
I would really like to use client-side encryption. If there is client-side encryption I can upgrade to Pro!
I can find a card on Trello Dynalist Roadmap about âend-to-end encryptionâ but there could be a difference between end-to-end encryption and client-side encryption. Where can we vote for client-side encryption on the Trello Dynalist Roadmap?
@Erica You already have end-to-end encryption implemented for Obsidian, and if I understood correctly, you guys wrote the software during the lock-down. So would you please tell us why itâs so challenging to implement (End-to-end or client-side) encryption for Dynalist?
People are more privacy-aware than ever before and it has been years since asking for this feature and I am just curious about what is preventing you from implementing this feature.
It would be great to hear from you. Thank you so much!
Agreed. Personally I donât even need encryption, I literally just need the ability to store the database locally without pushing it to a web service.
This oneâs easy to answer: DynaList follows a different architecture. The Obsidian architecture has all processing occur on the client side, so sending to another client is as simple as encrypt-send-decrypt.
The DynaList architecture does most processing on a server database, so every operation that deals with text needs to have access to that text, and that will be on their server, not on a client end.
