Your Obsidian vault, synced across devices and encrypted before it ever leaves the one in your hand. Contents and file names both — on every plan.
Sync is convenient, but it means handing your notes to a server. End-to-end encryption is what makes that safe: your vault is scrambled on your device with a key only you hold, so the sync service stores ciphertext it can't read. For a private knowledge base, that's the difference between "backed up" and "exposed."
| Note contents | AES-256, on your device |
| File & folder names | Encrypted (opaque IDs on the server) |
| Encryption key | Never leaves your devices |
| What our server can read | Nothing — ciphertext only |
| Available on free plan | Yes |
For the full technical breakdown — algorithms, key derivation, and what each option protects against — see how encryption works.
Official Obsidian Sync also offers end-to-end encryption. remotely-save and Self-hosted LiveSync can encrypt, but it's optional and you configure it yourself. Syncthing encrypts in transit between your own devices but has no cloud and no iOS app. Obsyncian's stance: encryption on by default, contents and paths, on every tier. See the full comparison of Obsidian sync options.
Set it up in two minutes. Install Syncian from Community plugins, get a login code from the Telegram bot, choose an encryption passphrase, and link your vault. The plugin verifies the passphrase locally before syncing, so a wrong one fails safely.
It depends on the tool. Obsyncian encrypts end-to-end by default: with a passphrase set, your notes and file names are AES-256 encrypted on your device before upload. Official Obsidian Sync also offers end-to-end encryption; remotely-save and Self-hosted LiveSync make it optional and manual.
It means the encryption key never leaves your devices. Your vault is encrypted on the device that uploads it and only decrypted on your other devices. What our servers and object storage hold is ciphertext with random IDs — we can't read your notes, and we couldn't hand them over even if compelled to.
Both. Many tools encrypt file contents but leak your file and folder names as metadata. Obsyncian encrypts the paths as well, so the structure of your vault isn't exposed — the server only ever sees opaque random identifiers.
Your synced data becomes unrecoverable — that's the point of real end-to-end encryption; there's no backdoor or reset. Your local files are untouched, so you can unlink, set a new passphrase, and re-sync from your device.
Yes. Encryption isn't a paid upgrade — it's on by default on every tier, including the free 50 MB plan.