andsafe
andsafe is an android app that encrypts plain text notes. with version 3, andsafe3 is re-implemented with flutter and is now open source.
faq
i can’t remember my password. can you help me?
sorry. there is no backdoor to recover lost passwords.
how to backup my notes?
andsafe has no netowork function and hence it won’t sync anything to cloud. you are encouraged to backup your notes off your phone regularly. use the export notes function to backup all notes into a file. then copy the file to your computer as a backup.
note that although exported notes are in encrypted form, you should still safeguard the backup file.
where are my exported notes?
for andsafe v2, notes are export to the folder androidsafeexports under your internal storage of your phone. for andsafe3, it is under the app folder itself, e.g. /storage/emulated/0/android/data/net.clarenceho.andsafe3/files/documents.
note that for andsafe3, if you uninstall the app, you will also delete all exported files.
i used previous version of andsafe. can i import my notes into andsafe3?
andsafe3 can import notes from andsafe version 2 but not the other way around. just export your notes in andsafe, then open andsafe3 and use the import function.
the search function isn’t working
the full-text search can only match from beginning of whole word. for example, if the title is “password for foobar.com”, it can be found by searching “foo” / “com” / “pass” but not by “bar”.
that is the limitation of the database search feature and to be backward compatible with older android devices. maybe in the future we can utilize another search engine.
technical faq
what encryption algorithm is used?
andsafe uses aes in cbc mode with 256 bits key, which is generated by scrypt. aes implementation in dart is by pointy castle. to improve performance, scrypt is using a native c implementation by colin percival.
why each note is encrypted with a different key? why not just use a single master key for all notes?
the original andsafe v1 (called androidsafe back then) had a feature to share individual encrypted note. hence it needed to use the password to derive the encryption key for each note.
and that is why it take time to change password or importing notes, as the key needs to be generated for each note for encryption / decryption.
