Every security product faces the same temptation: make the secure path annoying enough that users route around it. Password managers that log you out hourly. Encrypted notes apps that make you re-enter a passphrase per document. The encryption is real, but it doesn't matter, because sensitive data ends up in a plain text file named passwords.txt anyway.
When we built the NoteLounge Vault, we set the bar differently: it had to be zero-knowledge and feel as effortless as a normal note. Miss either half and you've failed.
Zero-knowledge, concretely
Everything in your vault is encrypted on your device before it touches the network. Keys are derived from your master passphrase and never leave your hardware. What our servers store is ciphertext we cannot read — not for support requests, not for subpoenas, not for anyone. 'Zero-knowledge' is a precise claim: we know nothing.
This has a sharp edge we refuse to sand off dishonestly: if you lose your passphrase and your recovery kit, we cannot reset it. We tell you this up front and generate the recovery kit during setup, because a vault we could open for you is a vault someone else could open too.
Where the friction actually went
The trick to frictionless encryption isn't weakening it — it's moving the cost to moments where you don't feel it. You unlock the vault once per session with your passphrase or biometrics; key derivation happens while the UI is already responding. Inside, a vault entry behaves like any other item in NoteLounge: searchable by title, organized the same way, one tap to copy a secret.
The vault sits beside your notes, tasks, and calendar rather than in a separate app you'd forget to open. The secure place is also the convenient place — which is the only arrangement under which people reliably use the secure place.