Encryption is available in beorg 3.4 and later as part of beorg Premium or via the Encryption in-app purchase.
In beorg you can encrypt notes and any subitems belonging to an item.
When you use encryption for the first time you’ll be asked to enter a password. This password will be stored securely on your iPhone or iPad.
To decrypt an item, or encrypt another item, this stored password will be used. To use the stored password you’ll be asked to authenticate yourself using Touch ID or Face ID. This authentication will last for a maximum of five minutes. If you choose to Lock an encrypted item you have decrypted to view then you’ll need to use Touch ID or Face ID again even if the five minutes isn’t up.
The encryption used by beorg is OpenPGP. There are many tools for macOS, Windows, Linux, iOS and other platforms which can decrypt content you’ve encrypted with beorg; you’ll just need the item’s encryption password. For a guide on using encryption in Org mode see orgmode.org/worg/org-tutorials/encrypting-files.
It is possible to use different passwords for different items; however, only the latest password is stored and accessible via Touch ID or Face ID. If the stored password doesn’t work when you attempt to decrypt an item, you’ll be asked to enter that item’s password.
If you forget the encryption password you won’t be able to decrypt your content. The stored password isn’t saved to iCloud and never leaves your device.
beorg provides support for encrypting individual items using OpenPGP. In the current version of beorg only symmetric encryption is supported: that is, the same key (password) is used for both encryption and decryption.
When an item is encrypted only the item notes, excluding dates and properties, are encrypted. This means that the item title, tags, state, priority, dates and properties remain unencrypted. This allows the item to be shown in the agenda and to be returned in search results. If an item has subitems everything about those subitems, including the fact that it has subitems, will be encrypted.
The encrypted item will be given the tag crypt (this tag name can be changed). The encrypted contents remain as plain text and must not be edited (and the tag should not be removed). If they are edited you will likely lose the ability to decrypt the contents. Here is an example of what the encryption will look like when displayed in beorg or in the plain text org file:
-----BEGIN PGP MESSAGE-----
Version: GopenPGP 0.0.1 (ddacebe0)
Comment: https://gopenpgp.org
wy4ECQMIfa0+gW98Fo7g92NKx2keK6ChgSC9g+ljQBY88YBptFR9ivvAjEvRwzRi
0m0Bp5SJSEDN+JBXIBJqKAzNzdg4m+vGltgvKz922SvCsMcBlhZcbjSTtPP/Xnv5
Pjec3TBu6hwcHH7lrmHdu3BwS4KMOhUgA4GfnCaK4UQDP3M+k93XcRwF5hl/Aomd
lv6OpFGsnLpRQ1+1omsZ
=dRKy
-----END PGP MESSAGE-----
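As an added example (not beorg’s or GopenPGP’s code), the following Python script walks an Org file, finds items carrying the crypt tag, and verifies the ASCII armor of each item body, including the radix-64 CRC-24 checksum that catches exactly the accidental edits warned about above. The Org text, item titles and tags are constructed, and the armored payload wraps dummy bytes rather than a real OpenPGP message, since only the armor format is checked here; decryption is deliberately left to an OpenPGP tool.

```python
"""Find beorg-encrypted Org items and verify their PGP armor (CRC-24).
Added example, not beorg or GopenPGP code. Sample data below is constructed:
the armor wraps dummy bytes, not a real OpenPGP message."""
import base64
import re

ARMOR_BEGIN = "-----BEGIN PGP MESSAGE-----"
ARMOR_END = "-----END PGP MESSAGE-----"
CRYPT_TAG = "crypt"  # beorg's default tag; the tag name can be changed in the app
HEADLINE = re.compile(r"^(\*+)\s+(.*?)(?:\s+:([\w@#%:]+):)?\s*$")
ARMOR_HEADER = re.compile(r"^[A-Za-z-]+: ")  # "Version: ..." / "Comment: ..." lines

def crc24(data: bytes) -> int:
    """OpenPGP radix-64 checksum (RFC 4880, section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def armor(payload: bytes) -> str:
    """Wrap bytes in PGP armor with a correct checksum (demo helper only)."""
    b64 = base64.b64encode(payload).decode()
    data_lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    crc_line = "=" + base64.b64encode(crc24(payload).to_bytes(3, "big")).decode()
    return "\n".join([ARMOR_BEGIN, "Version: demo", "", *data_lines, crc_line, ARMOR_END])

def check_armor(text: str) -> tuple[bool, str]:
    """Return (ok, reason) for one armored block: delimiters, base64, CRC-24."""
    lines = [line.rstrip() for line in text.strip().splitlines()]
    if not lines or lines[0] != ARMOR_BEGIN:
        return False, "missing BEGIN line"
    if lines[-1] != ARMOR_END:
        return False, "missing or damaged END line"
    data_lines, checksum = [], None
    for line in lines[1:-1]:
        if not line or ARMOR_HEADER.match(line):
            continue  # blank separator or armor header
        if line.startswith("="):
            checksum = line[1:]  # the "=dRKy" style checksum line
        else:
            data_lines.append(line)
    if checksum is None:
        return False, "missing checksum line"
    try:
        payload = base64.b64decode("".join(data_lines), validate=True)
        want = int.from_bytes(base64.b64decode(checksum, validate=True), "big")
    except ValueError:
        return False, "base64 decode failed (armor edited?)"
    if crc24(payload) != want:
        return False, "CRC-24 mismatch: armored text was edited or corrupted"
    return True, f"ok ({len(payload)} ciphertext bytes)"

def encrypted_items(org_text: str, tag: str = CRYPT_TAG) -> list[dict]:
    """Split Org text into items and check every item carrying `tag`.
    Title, tags, dates and properties stay unencrypted, so they still parse."""
    items, current = [], None
    for line in org_text.splitlines():
        match = HEADLINE.match(line)
        if match:
            tags = match.group(3).split(":") if match.group(3) else []
            current = {"title": match.group(2), "tags": tags, "body": []}
            items.append(current)
        elif current is not None:
            current["body"].append(line)
    results = []
    for item in items:
        if tag not in item["tags"]:
            continue
        body = "\n".join(item["body"])  # dates/properties precede the armor
        start = body.find(ARMOR_BEGIN)
        end = body.find(ARMOR_END, start) if start >= 0 else -1
        if start < 0 or end < 0:
            ok, reason = False, "no complete PGP armor in item body"
        else:
            ok, reason = check_armor(body[start:end + len(ARMOR_END)])
        results.append({"title": item["title"], "ok": ok, "reason": reason})
    return results

# Constructed sample data: dummy payload, invented item titles and tags.
SAMPLE_PAYLOAD = bytes(range(40))
GOOD_ARMOR = armor(SAMPLE_PAYLOAD)
TAMPERED_ARMOR = GOOD_ARMOR.replace("AAEC", "AAED", 1)  # one character edited
SAMPLE_ORG = f"""* TODO Plan the launch :work:
Nothing secret here.
* TODO Credentials rotation :work:{CRYPT_TAG}:
SCHEDULED: <2024-05-01 Wed>
:PROPERTIES:
:ID: demo-1
:END:
{GOOD_ARMOR}
* Edited by mistake :{CRYPT_TAG}:
{TAMPERED_ARMOR}
"""

if __name__ == "__main__":
    for result in encrypted_items(SAMPLE_ORG):
        print(f"{'OK ' if result['ok'] else 'BAD'} {result['title']}: {result['reason']}")
```

Run the script to get one line per crypt-tagged item; a block that passes can be pasted into any OpenPGP tool (for example `gpg --decrypt`) together with the item’s password, while a CRC-24 mismatch or a damaged END line tells you the armored text was changed and should be restored from a backup or sync history rather than edited further.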
When you enter a password to encrypt the item that password will be saved to the iOS Keychain if your iPhone or iPad has a passcode set. The password is saved with the protection class kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly. This means that the password can only be accessed when beorg is in the foreground, is not available to your other iOS devices and won’t be restored via a backup. Additionally the userPresence flag is set so that the item can only be accessed via biometry (Touch ID/Face ID) or a passcode. When Touch ID is used you have up to five minutes before you are asked to authenticate again.
Whilst you can encrypt different items with different passwords only the latest password you enter will be stored in the Keychain and usable with Touch ID/Face ID.
There are no constraints on the minimum or maximum password length. Any leading or trailing spaces are, however, removed from the password before it is used.
If the password for an item is forgotten then it is highly unlikely that you’ll be able to recover the contents of that item.
If an item is encrypted you won’t be able to quick add notes from the agenda or TODO tab or use timers.
beorg uses the GopenPGP library (commit 136c0a5). The framework was built locally and included in the beorg app. For more details about GopenPGP see https://github.com/ProtonMail/gopenpgp.
GopenPGP is available under the following license:
(The MIT License)
Copyright (c) 2019 Proton Technologies AG
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to
deal in the Software without restriction, including without limitation the
rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
sell copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
IN THE SOFTWARE.