When to use a shared note vs separate encrypted notes
One note with one password shared with the team, or one note per person? It depends what you’re trying to protect.
A shared note is one URL + one password that several people know. Everyone can read and edit. Good for: runbooks, shared credentials (e.g. a team vault note), or a doc that truly is “ours.” Separate notes are one URL + one password per person. Good for: private drafts, personal secrets, or when you don’t want others to see history.
Shared note: trust and revocation
Anyone with the password can change it (from the editor). So only share with people you trust. If someone leaves the team, change the password and redistribute to everyone who should still have access. We don’t have “remove user”—we have “change the password and don’t tell the old person.”
Separate notes: isolation
If each person has their own note, one leak doesn’t expose everyone. Use separate notes when the content is personal or when you want to minimize blast radius. You can still share a note later by sending the link and password to specific people.
FAQ: Shared note vs separate notes
Q1. When should I use a shared encrypted note?
Use a shared note when the content truly belongs to a group—runbooks, shared credentials, or team docs where everyone should be able to read and edit.
Q2. When are separate notes safer?
Separate notes are better when content is personal or when you want to limit blast radius. If one password leaks, only that one note is exposed.
Q3. How do I revoke access from someone on a shared note?
Change the note’s password from the editor and only share the new password with people who should still have access. There’s no per-user removal, just password rotation.
Q4. Can multiple people work in a shared note at the same time?
They can, but last write wins. If two people save conflicting versions, the newer save overwrites the older ciphertext.
Q5. How do shared notes fit with zero-knowledge?
The zero-knowledge model doesn’t change: encryption and decryption still happen in the browser with AES-256-GCM and PBKDF2-derived keys. Sharing only affects who knows the password, not what the server can see.
Where to go next
For more on collaboration and sharing patterns:
- Read “Opening the same note on multiple devices without sync hell”.
- Read “Sharing encrypted notes without leaking the key: what we learned”.
- Try creating both a shared and a separate note in Inkrypt at https://www.inkrypt.online and see which pattern fits your team.