Flowvault · Blog
Deep dives, guides, and honest comparisons.
Long-form writing from the team: how the cryptography inside Flowvault actually works, practical walkthroughs of every feature, and no-punches-pulled comparisons against ProtectedText, Standard Notes, Bitwarden Send, Privnote, and the rest of the landscape. No marketing fluff, no SEO doorway pages — just the posts you'd want to read if you were about to trust a browser tab with a secret.
Bring Your Own Storage: running Flowvault with the ciphertext on your own disk
Flowvault 1.2 adds a local-file backend: your whole encrypted vault lives as a single .flowvault file on your own disk, and our servers never see the ciphertext. Here's the exact file format, the threat-model trade-offs, and what's next (S3, WebDAV, and beyond).
Read the post
The .fvault format: zero-knowledge backups for an encrypted notepad
A Flowvault backup is exactly the ciphertext the server already holds — no passwords inside, no plaintext, no accounts, and still decryptable on a self-hosted instance. Here's the exact format and why the trade-offs look the way they do.
Read the post
Encrypted Send vs Bitwarden Send vs Privnote: account-less one-shot secrets compared
If you just want to share a password, an API key, or a recovery phrase once, which one-shot link service should you use in 2026? A detailed, honest comparison of Flowvault Encrypted Send, Bitwarden Send, Privnote, OneTimeSecret, PrivateBin, and 1Password Share.
Read the post
Flowvault vs ProtectedText: an honest, technical head-to-head
ProtectedText has been the default zero-knowledge notepad for 15+ years. Flowvault is a newer entrant with four specific technical differences: no legacy password-keyed blob, AES-GCM instead of AES-CBC, VeraCrypt-style hidden volumes, and an open-source server. Here's the honest head-to-head.
Read the post
How to use Flowvault: a complete beginner's guide to zero-knowledge notes
A practical, feature-by-feature walkthrough: your first vault, multi-tab notebooks, decoy passwords, trusted handover, time-locked notes, Encrypted Send, and zero-knowledge backup / restore. No screenshots — just the exact clicks.
Read the post
Plausible deniability for notes: how Flowvault's hidden volumes actually work
Flowvault is the only browser-based encrypted notepad with VeraCrypt-style plausible deniability: multiple passwords unlock different notebooks on the same URL, and nobody can prove how many notebooks exist. Here's exactly how the format works.
Read the post
Time-locked notes: writing messages you literally cannot read until a future date
A future-self letter, a scheduled disclosure, a recovery envelope — time-locked notes let you encrypt something that literally cannot be read before a target date, not even by the sender. The drand randomness beacon does the heavy lifting.
Read the post
Trusted handover: giving a beneficiary access to your encrypted notes, the right way
Set up a trusted beneficiary who can decrypt your vault if you stop checking in — without telling them the password in advance, without a mandatory account, and without ever letting the server see a plaintext key.
Read the post
Why I built Flowvault: an honest, zero-knowledge encrypted notepad for 2026
Every existing encrypted notepad I tried in 2026 made one or more painful compromises — legacy cipher modes, closed server code, no deniability, or a mandatory account. Here's why I wrote Flowvault instead of living with them.
Read the post
Want a topic covered?
Open a discussion on GitHub or browse the FAQ and the security page for shorter-form answers.