How encrypted notes actually work
When an app says your notes are "encrypted with AES-256," what is really happening — and how do you tell that from a screen that just hides the text behind a PIN?

Encryption is just a very good lock with a very long key.
Encryption turns your readable note into scrambled bytes that are useless without a key. The strength comes from two things: a good algorithm, and a key nobody else can guess or grab. Get either wrong and the lock is decorative.
The standard you want to see named is AES-256-GCM. AES is the cipher governments and banks use; 256 is the key length in bits, which is far beyond what any computer can brute-force; and GCM is the mode that also detects tampering, so a corrupted or altered note fails loudly instead of silently decrypting to garbage. GCM does come with one rule the app has to follow: every encryption must use a fresh, never-repeated nonce, because reusing one leaks information about the plaintext. That is the developer's job, not yours, but it is why "AES-256" alone is not the whole story.
The short version
- AES-256-GCM = strong cipher + a 256-bit key + built-in tamper detection.
- Your passphrase is not the key; a key derivation function such as PBKDF2 (or a newer one like scrypt or Argon2) stretches it into one.
- "Encrypted at rest" means the stored file is scrambled — the real test is who else can decrypt it.
- A lock screen is not encryption. If the note is readable to anyone who gets past the device lock, or who copies the storage, it is hidden, not protected.
From passphrase to key
You do not type a 256-bit key; you type a passphrase. The app combines it with a random salt (stored next to the note, not secret) and runs it through a key derivation function like PBKDF2, which deliberately repeats the hashing hundreds of thousands of times. That slowness is a feature: it makes guessing passphrases by brute force punishingly expensive, while costing you a fraction of a second when you log in. The salt means that two people who chose the same passphrase still end up with different keys, so an attacker cannot precompute guesses once and reuse them against everyone.
This is why your passphrase choice matters more than the algorithm. AES-256 is unbreakable in practice; "password123" run through any key function is not. The lock is only as good as the key you feed it, which is why we wrote a separate guide on choosing a passphrase you will not forget.
"At rest" versus end-to-end
Two phrases get blurred in marketing. Encrypted at rest means the file on disk is scrambled. End-to-end encrypted means it is encrypted on your device with a key the company never holds, so it stays scrambled in transit and on their servers, and the company cannot read it even if asked to. A local-only app sidesteps the server question entirely: if notes never leave the device, there is no server to trust. It still needs encryption at rest, though, because device backups and forensic copies take the stored file with them.
| Claim | What it really protects |
|---|---|
| Lock screen / PIN | Nothing on disk — just hides the UI. Weakest. |
| Encrypted at rest | The stored file, if someone copies it off the device. |
| End-to-end encrypted | The file in transit and on the company server too. |
| Local-only + at rest | No server exists; the file is scrambled on the one device. Strongest for a single phone. |
How to sanity-check any "encrypted" app
Before you trust an app with anything sensitive, look for three things. Does it name a real algorithm (AES-256-GCM, ChaCha20-Poly1305) rather than vague "bank-level security"? Does it say where decryption happens, on your device or on their server? And does it admit what happens if you forget the passphrase? An app that can reset your passphrase by email holds a key that can decrypt your data, and whatever it holds can be compelled out of it.
That last point is the honest tell. "No recovery" sounds scary, but it is the signature of an app that genuinely cannot read your notes. Convenience and zero-knowledge privacy pull in opposite directions; the right pick depends on whether you are storing grocery lists or source code and secrets.
Encryption questions, answered
Can AES-256 be cracked?
Not by brute force with any current or foreseeable computer — the number of possible keys is astronomically large. Real attacks target the weak points around it: a guessable passphrase, malware on an unlocked device, or data that was never encrypted in the first place.
What does GCM add over plain AES?
GCM is an authenticated mode: along with encrypting, it produces a tag that verifies the data has not been altered. If a single byte is changed, decryption fails instead of returning corrupted text, which blocks a whole class of tampering attacks. The same check is what tells the app a passphrase is wrong: with the wrong key the tag does not verify, so you get a clean failure rather than a screen full of garbage.
Is "encrypted at rest" enough?
For a single-device, local-only app, yes, provided the key comes from a passphrase you chose well and the app never writes an unencrypted copy anywhere, including into backups. For a cloud app, you also want end-to-end encryption so the company never holds readable copies.