I thought it would be great for users’ peace of mind for long term use of this app / service is to enable the users to put in their own passphrase for encryption. This is particularly important if our data is stored or accessible by 3rd party that we do not have 100% visibilty and control
First and foremost let me emphasize that our number one priority as a company is our users privacy, which is why we are committed to never providing your data to 3rd parties, we are fully GDPR compliant and we continually work on improving our TLS posture with the goal of exceeding industry standards.
Regarding where and how your data is stored, all your data is stored in our Google servers (based in Belgium) using AES-256 bit encryption to secure your database connection credentials and store your data at rest. Furthermore in order for Google to be able to operate in Europe and meet GDPR standards they are legally prohibited from accessing any user data.
On the other hand, regarding your petition for user generated passphrase encryption, we have been investigating with the development team how we could incorporate it to the myReach platform.
Based on our initial investigation, the core underlying principles don’t seem to be “complicated” to implement. That being said there is a major problem with this feature… and as far as we know, has no solution…
Essentially, encrypting all your data with a user generated passphrase would make it impossible for you to search anything in myReach… Once of the key principles behind myReach is to help you find your data more easily – this would make that impossible.
Nevertheless, somewhat similar to Evernote, we are exploring the feature of enabling users to “encrypt” with a user generated passphrase sections of a note or specific nodes. But bare in mind that the encrypted content would NOT be searchable in anyway. Would that meet your requirements?
Let me know if my response is clear, look forward to hear back from you and thank you for your feedback!
this is not my experience using other apps such as Obsidian. I use the Obsidian sync, and one of the benefits if to enable used defined passphrase. I can still search for anything and everything, Perhaps the difference is that Obsidian has a local folder on each device that is sync to the cloud. Myreach has no local data, which leads to another issue , i.e. using the data offline. If we can use myReach offline, does it mean we can search (the cache?) or am I over-simplified things a lot?