Support
phone +1 206-523-4152 or 800-315-OMNI mastodon @OmniGroup

Frequently asked questions about OmniFocus encryption

In August of 2016 we added a database format to OmniFocus that offers stronger security and faster sync, and that paved the way for future features. Your data is encrypted as it leaves your device and is stored encrypted on the server itself. All encryption and decryption happens locally, so your data is always encrypted end-to-end and the server you sync with never has access to your encryption passphrase.



What is an encryption passphrase?

An encryption passphrase is similar to a password, and is used to generate and decrypt the encryption key that protects the synced copy of your database. By default, OmniFocus uses your sync password — the password for your Omni Account or WebDAV server — as the encryption passphrase. However, you can also choose to set a distinct encryption passphrase that is not linked to your sync password. There’s more information about this in the sections below.


How can I tell if my database is encrypted?

  • OmniFocus 4 for Mac: Choose OmniFocus > Settings… in the menu bar, then go to Sync > Encryption

  • OmniFocus 4 for iPhone and iPad: Choose More menu > Settings, then go to Sync > Encryption

Here you will be able to see if encryption is active, and whether your encryption passphrase is currently distinct or linked with your sync password.

What does “Passwords are linked” mean in the Encryption settings?

This means that your encryption passphrase is the same as the current password for the Omni Account or WebDAV server you are syncing with. Because they are linked, if you change your account password, OmniFocus will update the encryption passphrase to match the next time it syncs using the new account password.

What does “Passwords are distinct” mean in the Encryption settings?

This means that your encryption passphrase and the password for your Omni Sync Server account are not the same, and changes to your account password have no effect on the encryption passphrase.


Why would I want a distinct encryption passphrase?

A distinct encryption passphrase provides an extra level of security. If someone gains access to your sync password, and is able to log into your account, your OmniFocus data will still be inaccessible to them.

The tradeoff is that you’ll now have two passwords to remember. With this method, we’d recommend using a dedicated password management system to keep track of both the sync password and encryption passphrase. If you reset your sync password, the separate encryption passphrase will remain as-is. Also, be aware that if you lose access to all the devices you use OmniFocus on and you forget your encryption passphrase, your OmniFocus database will be completely unrecoverable.


How do I change my encryption passphrase?

  • In OmniFocus, go to Settings > Sync > Encryption.
  • Choose Change Passphrase to set or update a distinct passphrase.
  • If you have a distinct passphrase and want to re-link it, there will be a button to Link Passwords.

In OmniFocus 4, you will need to use Face ID, Touch ID, or enter your device’s passcode / login password to authorize this change. In OmniFocus 3, you will need to provide the previous encryption passphrase before you will be allowed to make a change.


What should I do if I don’t know my encryption passphrase?

Read our support article on Recovering from an unknown OmniFocus encryption passphrase.


Will updating my Omni Account password change the encryption passphrase?

Even when “Passwords are linked”, changing your Omni Account password will not immediately change the current OmniFocus encryption passphrase.

After updating your Omni Account password, you need to sync an already actively syncing copy of OmniFocus that knows the current encryption passphrase (i.e. the previous account password). That copy of OmniFocus will then be able to decrypt the server database and re-encrypt it using your new account password as the new encryption passphrase.
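
The re-encryption step described above, modeled in Python as an added illustration (not Omni's code): a passphrase-derived key protects a random database key, and only a client that knows the old passphrase can re-wrap it. The KDF, iteration count, HMAC-based wrap (a stand-in for a real key-wrap cipher) and all names are assumptions; this page does not state OmniFocus's actual algorithms.

```python
import hashlib, hmac, secrets

ITERATIONS = 100_000  # assumed KDF cost; the page gives no parameters

def _derive(passphrase: str, salt: bytes) -> bytes:
    # 64 bytes: the first half masks the key, the second half authenticates the blob.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, dklen=64)

def _mask(kek: bytes) -> bytes:
    return hmac.new(kek[:32], b"mask", hashlib.sha256).digest()

def _tag(kek: bytes, salt: bytes, wrapped: bytes) -> bytes:
    return hmac.new(kek[32:], salt + wrapped, hashlib.sha256).digest()

def wrap_key(data_key: bytes, passphrase: str) -> dict:
    """Protect a 32-byte database key under a passphrase-derived key (toy wrap)."""
    if len(data_key) != 32:
        raise ValueError("data key must be 32 bytes")
    salt = secrets.token_bytes(16)  # fresh salt, so every wrap gets a fresh mask
    kek = _derive(passphrase, salt)
    wrapped = bytes(a ^ b for a, b in zip(data_key, _mask(kek)))
    return {"salt": salt, "wrapped": wrapped, "tag": _tag(kek, salt, wrapped)}

def unwrap_key(blob: dict, passphrase: str) -> bytes:
    """Recover the database key, or raise if the passphrase is wrong."""
    kek = _derive(passphrase, blob["salt"])
    if not hmac.compare_digest(_tag(kek, blob["salt"], blob["wrapped"]), blob["tag"]):
        raise ValueError("passphrase does not unwrap this key")
    return bytes(a ^ b for a, b in zip(blob["wrapped"], _mask(kek)))

def change_passphrase(blob: dict, old: str, new: str) -> dict:
    """Only a client that knows the old passphrase can re-wrap for the new one."""
    return wrap_key(unwrap_key(blob, old), new)

def can_unwrap(blob: dict, passphrase: str) -> bool:
    try:
        unwrap_key(blob, passphrase)
        return True
    except ValueError:
        return False

def demo() -> dict:
    old, new = "old-account-password", "new-account-password"  # constructed values
    server_blob = wrap_key(secrets.token_bytes(32), old)  # what the server stores
    before = can_unwrap(server_blob, new)  # account password changed, no sync yet
    server_blob = change_passphrase(server_blob, old, new)  # existing device syncs
    return {"new_before": before, "new_after": can_unwrap(server_blob, new),
            "old_after": can_unwrap(server_blob, old)}

if __name__ == "__main__":
    print(demo())
```
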


Why does the “linked” status not match between devices?

If you are using a custom WebDAV setup with unique requirements (for example, device-specific passwords), the encryption passphrase will be linked with the password for the first device that synced. If you have a situation like this, setting a distinct encryption passphrase will ensure each device shows the same status.

Last Modified: Jun 27, 2024

Still need help?

support@omnigroup.com