Private Notes

An open source project by Mounir IDRASSI

Private Notes is a secure, user-friendly app for managing personal notes locally.

About Private Notes v1.75

Private Notes is an open-source web application designed to provide users with a secure, private, and offline method for storing their personal notes.

Created by Mounir IDRASSI, this app ensures complete user privacy by storing all notes locally on the user's device. No external servers, cloud storage, or data-sharing mechanisms are involved. All data is stored in your browser with optional encryption. With password-based encryption, only you can access your protected notes and your password is never stored or shared. Customizable notes, tags, and an export/import feature ensure easy backup and restore while keeping your data private and secure.

Technical Details

Data Storage: Notes are primarily stored using IndexedDB, a robust, low-level API for storing structured data. If IndexedDB is not supported by the browser, the app will automatically fall back to using localStorage to store the notes as JSON strings.

IndexedDB ensures that even large amounts of data can be managed efficiently, while localStorage provides a simpler but effective alternative for older browsers.

Encryption: The app offers password-based encryption for added security. When a user chooses to encrypt a note, the content is encrypted locally before being stored. The encryption process uses the following:

  • Key Derivation: PBKDF2-HMAC-SHA256 with 1,000,000 iterations is used to derive a strong encryption key from your password. This makes it computationally expensive for attackers to brute-force the key.
  • Encryption Algorithm: AES-GCM (Advanced Encryption Standard in Galois/Counter Mode) is used for encrypting the note content. AES-GCM provides both confidentiality (encryption) and integrity (tamper detection). This ensures that your notes are secure and that any unauthorized modification will be detected.
  • Salt and IV: A unique random salt and initialization vector (IV) are generated for each encrypted note, further enhancing security.

The encryption and decryption processes are handled entirely within the browser using the Web Crypto API. Importantly, the user's password is never stored or transmitted. Only encrypted data is stored locally, and decryption is possible only by providing the correct password during access.

Backup and Restore: Users can easily back up their notes by exporting them to a JSON file. Similarly, notes can be restored by importing the JSON file back into the app. No external services are involved in this process, ensuring data privacy is maintained.

You can find the source code and contribute to the project by visiting our GitHub repository.

Privacy Policy

At Private Notes, we value your privacy. This web application is designed to be fully offline, ensuring that no data is ever transmitted outside your device. All notes are stored locally in your browser using localStorage or IndexedDB.

Key Privacy Principles:

  • No external servers: All data is stored locally on your device. The app does not use any form of cloud storage or external servers.
  • No tracking or analytics: This app does not collect any personal data, usage statistics, or analytics. It operates independently on your device.
  • Optional encryption: The app offers password-based encryption for individual notes. Your password is never stored or transmitted. Only encrypted notes are saved locally, ensuring that only you can access them.
  • Backup and restore: You can export your notes in JSON format for backup purposes and import them at any time. No third-party services are involved in this process.

This privacy policy reflects the app’s core commitment to user privacy and security. As no data leaves your machine, there is no need for cookies, third-party services, or any form of external communication.