Secret Diary by Xavi Esteve

A free online tool to save your personal notes, passwords or sensitive data securely encrypted and stored locally.

Important information

All content you write will be stored in your computer only, nothing is sent nor stored in this server. This ensures that your content is yours and you don't need to trust in someone else. But please, while this is the best way to keep your information secure, you are the only weak point and if you lose either the Salt (more on it below), the Password or your files you will lose everything forever. If that happens I'm sorry but there's nothing I can do.

FYI: I use Google Analytics so I can see which of my projects are more popular (check them out here) and prioritize development and maintenance. Analytics only accesses non-personal info like time spent on page or what country you are visiting from, nothing else, so don't worry. You can easily disable Analytics by installing a browser extension. Privacy Policy

How to use it

  1. Salt: When loading the Diary for the first time, you will be provided with a Salt.
    Copy and paste that code somewhere. It is accessible and editable by clicking the Salt button.
  2. Password: (Mandatory) Write a password at the top right of the page.
    The most important aspects of a good password is to be long and memorable so don't go crazy with something you won't remember.
  3. Title: (Optional) Write a Title or leave it as the date of today.
    Please note that the Title will be viewable publicly so don't write any sensitive information there.
  4. Text: Start typing your text just below.
    You can bold text by pressing Control+B amongst other things, you can even paste images and tables!
  5. Save: Press Save to download the encrypted file to your computer.
    While the contents are encrypted and secure, please save it somewhere safe for extra security.
  6. Load: To load an entry, type in the Password and select the file from your computer.
    You can have different Passwords and Salts for different entries if you'd like.

What is a Salt?

A Salt is something that makes your password more secure, it is generated the first time you load the diary, keep it safe and secret! If you lose it, you lose everything.

A Salt is an extra and necessary measure to strengthen the security. How it works is by making your password longer. Imagine your password is pie, someone could execute a Brute force attack by testing different passwords, starting with aaa then aab, aac, aad, aae… and so on until he got to pie. That wouldn't take long to crack…

The Salt is a very long text that is appended to your password so your password looks more like: pie (see your password at the end of it?). This will make it more difficult to execute the attack and it could take a very long time to crack.

Luckily, you don't need to remember the Salt every time, it is stored in your browser. But just in case you delete your browsing history/cookies or you change computers, make sure to store it somewhere (send it to your email, in a pendrive, etc.).

Security Advice

I'll keep this short, but I really need you to understand these simple concepts:

  1. The most important aspect of a secure Password is for it to be long and easy to remember:
    • p@$$W0rD+
    • ThisIsVeryL0ngAndMoreSecure!
  2. Keep your Salt and Files in separate locations: in a USB drive, SD card, an email… If you get a virus in your computer or your device is stolen, they may find one of the former but not the other one (which should be safely stored at another location).
  3. Always have more than one copy, if you drop some coffee on your laptop you could lose everything before you know it.

You can review all the code of this tool by viewing the source code, it is pretty small and I've kept it readable and unminified for this purpose. You (or a tech savvy friend) should be able to read it for your peace of mind. If you have any ideas or comments on how to improve this tool please get in touch.

Final disclaimer

I am not responsible for any data loss, hacking or anything else. I've developed and released this tool for free on my personal time. All the code of this tool is freely available for you to review.