Secure Administration Notes by ScotsScripts.com

Technology: Secure Administration Notes stores notes and files securely, using modern encryption technology to make your data as secure as possible. Without the decryption key/password, your data can not be accessed, even if your site, server, or store are hacked. Encryption passwords can not be retrieved if forgotten.

Locked vs Unlocked: Unlocked notes are stored without encryption and files in unlocked notes are stored in their original format. Anyone with the URL for an unencrtyped file can download it. Locked notes are stored in encrypted format, the same with locked files. A locked file URL could be shared but if the encrypted contents were to be downloaded, they would be useless.

Note Content: Text for your note.

Note Title: Note titles are not encrypted therefore do not put anything sensitive into the title.

16 Character Encryption Password: This could be a phrase, a password, an address, whatever you will remember. After you create a new note you will never be able to retrieve this encryption password.

Password Hint: The password hint is not encrypted. If you create a secure note with a password hint, you'll see a symbol in the notes list that you can hover over to see display the hint.

Email Password: This is a one time option to send an email with the note title as the subject and the password as the body of the email. After you've saved the new note this option is turned off.

Changing from Non-Secure to Secure notes: If you create a non-secure note than later change it to be secure, the note itself will be encrypted but any files that had already been uploaded to the note will stay non-encrypted. You will need to delete the files and reupload them to encrypt them.

Changing from Secure to Non-Secure note: This is not supported.

File Size Considerations: The act of encrypting and decrypting files can use a lot of server resources depending on the size of the file. This utility is not intended to store huge files such as media files or archives. The optimal file sizes are the same as file sizes for images and other web resources. A good rule of thumb is if the size of the file is small enough to work well as a web page resource, then it will also work well in this utility.

Turning notes on for page editing: Enable the Secure Admin Notes tab when editing pages by assigning the securenotes page item to the page.

FAQs

What kind of encryption does this module use?
The main encryption method is Blowfish. Once a note or file has been encrypted via blowfish, then the note/file is encoded as base 64 and stored.

It is really secure? What if someone hacks my site or admin account?
It is REALLY secure. Every hacker in the world could have your encrypted data and unless they knew or guessed the key/password, they would not be able to see your data. Your notes and files are as encrypted as modern technology can make them with this module.

Is there a file size limit?
Yes and no. The limit to file size is based on server power and site resources. A good rule of thumb is to upload files that are good "web size" to your notes.

How can I retrieve my key/password if I forget it?
You can't.

How to solve this? Don't forget your password.

When you create a new note there is an option to send the note title and the password to your email address so you can keep them somewhere safe.

Each note can also have a password hint.

Note titles and password hints are stored non-encrypted.

Is there any way at all my data can be hacked?
Sometime in the future when quantum computing becomes mainstream all current forms of encryption will be obsolete but until that time there is no way your data can be hacked unless someone knows or guesses your encryption password.

What if my encryption password isn't exactly 16 characters?
Doesn't matter. Passwords that are more or less than 16 characters are handled by the module. It is recommended to err on the side of more than 16 characters rather than less. It makes it a lot harder for a potential hacker to guess what it is.