End-to-End Encryption FAQ

Day One encrypts your data, protects your privacy, and safeguards your data from end-to-end (client app to server).

See our blog post on Day One Encryption

What is end-to-end encryption?

End-to-end encryption utilizes a private key to encrypt all entries before they reach Day One servers. With possession of the encryption key stored locally on the device (and securely in CloudKit), maximum security is assured for journal data.

How do I use this feature?

End-to-end encryption is enabled by default for all new journals created after version 4.2. For journals not previously encrypted, it can be enabled manually. Go to Journals in Day One’s Settings, then select the journal you want to encrypt. Follow the on-screen instructions to complete this process. Instructions to enable end-to-end encryption are found here.

What if I lose my encryption key?

When using end-to-end encryption, it is essential you save your encryption key in a secure location. Day One is currently storing the key securely using CloudKit associated with your Apple ID. In a future update, we will offer an option to disable this if desired. If the option to store the key in CloudKit is disabled, please save a copy of the key.  If the key is lost, encrypted journal stored in the Day One Sync cannot be decrypted. Day One does not have access to the private key at any point.

What is standard encryption?

This is the old encryption option prior to end-to-end encryption. Standard encryption encrypts your data “at rest” on our servers and securely transfers the data from our servers to the Day One app. This used to be the default. As of September 2019, new journals are generally created with end-to-end encryption as the default. While very secure, this standard security requires that Day One staff holds the keys to decrypt journal data.

 

How can I trust your encryption service? Has it been reviewed by third-party security experts?

After over a year of development work, we enlisted the services of nVisium, a noted security firm, to review our end-to-end encryption architecture. They found four medium-severity risks and three low-severity risks.  We have evaluated the remaining items and implemented solutions where we feel they are appropriate.

When was end-to-end encryption released?

End-to-end encryption is included in the 2.2 update for both iOS and Mac.

Does Day One Android support end-to-end encrypted journals?

Day One Android has supported end to end encryption since our 2.0 release.

Does IFTTT work with encrypted journals?

Yes! If Day One is already connected in the IFTTT account, you may need to reconnect it for the encrypted journals to appear. See the troubleshooting steps in this guide: Using IFTTT with Day One

I need more help. How can I contact you?

Please visit https://dayoneapp.com/contact to contact our support service.

Journal from here, there, everywhere.

Download for free on iPhone, iPad, Mac, and Apple Watch.

iOS
Journal from here there and everywhere mobile devices image.Journal from here there and everywhere mobile devices image.

Android Play Store
A Day One companion app is available for Android on the Google Play store.