When to use a shared note vs separate encrypted notes
One note with one password shared with the team, or one note per person? It depends what you’re trying to protect.
A shared note is one URL + one password that several people know. Everyone can read and edit. Good for: runbooks, shared credentials (e.g. a team vault note), or a doc that truly is “ours.” Separate notes are one URL + one password per person. Good for: private drafts, personal secrets, or when you don’t want others to see history.
Shared note: trust and revocation
Anyone with the password can change it (from the editor). So only share with people you trust. If someone leaves the team, change the password and redistribute to everyone who should still have access. We don’t have “remove user”—we have “change the password and don’t tell the old person.”
Separate notes: isolation
If each person has their own note, one leak doesn’t expose everyone. Use separate notes when the content is personal or when you want to minimize blast radius. You can still share a note later by sending the link and password to specific people.