🚧 Mind Dump Zettelkasten is currently in Alpha Development. This website is a placeholder and is not yet fully functional.

โ† Back to Learn Security ยท 7 min read

How Safe Is My Data?

A clear view of when encryption is deployed, how your data is protected, and how to best safeguard your most sensitive information.

When creating a "second mind" of your own ideas, research, and insights, it's only natural to wonder how securely that information is stored. Mind Dump's approach to security is a balanced one, where bleeding-edge protective protocols are combined with the practical realities of running an AI-powered thinking machine.

Here's a clear view of when encryption is deployed, how your data is protected and how to best safeguard your most sensitive information.

Optimised for Speed and AI Insight

Database-level encryption at rest.

The core Zettelkasten data – your standard notes, titles and text – is protected with database-level Transparent Data Encryption (TDE). This means your data is fully encrypted at rest on our storage servers with AES-256 cryptographic keys.

However, in order for Mind Dump to be an active communication partner and not just a passive filing cabinet, this data is transparently decrypted in memory when it is handled by the application layer of the system. This method is ideal for this particular system for very practical reasons:

The system's AI constantly scrutinises your notes, performing thousands of text comparisons and computing semantic vector similarities to figure out the best context and spot for new thoughts. The data is decrypted in memory during processing, allowing for extremely fast AI routing and search speeds, without compromising the security of the underlying storage system.

We process your data only to enhance your personal experience. Mind Dump only uses enterprise-grade AI models that never use your notes, search queries or personal insights to train public models.

End-to-End Encryption of Secrets

Zero-knowledge protection for your most sensitive information.

While your general notes utilise database-level encryption for real-time AI indexing, Mind Dump features a dedicated, zero-knowledge encryption layer for your most sensitive information.

With Mind Dump you can create custom fields that you mark as "Secret" fields. These fields use a Passphrase-based End-to-End Encryption (E2EE) system. When you use a Secret field, your data is encrypted directly on your device (client-side) using an AES-256-GCM cipher before it's sent over the internet.

With this zero-knowledge architecture, our servers only receive and store scrambled ciphertext. The system cannot and will not decrypt this data. This way your ultra-secret data is completely unavailable to anyone, including our system administrators, unless they have your personal passphrase.

Note: This data is encrypted end-to-end before it reaches the server, so the AI engine cannot read, index, or link fields marked Secret.
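The Secret-field flow described above, as an added example that is not Mind Dump's own code. The page names only passphrase-based AES-256-GCM on the client; the PBKDF2-SHA-256 key derivation, the iteration count, the salt and IV sizes, the use of the field name as authenticated data, and the envelope layout are all assumptions made for this sketch.

```javascript
// Added illustration, not Mind Dump's code. Assumed: PBKDF2-SHA-256 KDF,
// 600,000 iterations, 16-byte salt, 12-byte IV, envelope field names.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto;
const enc = new TextEncoder();
const KDF_ITERATIONS = 600000;

const toB64 = (buf) => btoa(String.fromCharCode(...new Uint8Array(buf)));
const fromB64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

// Stretch the passphrase into a non-extractable AES-256-GCM key.
async function deriveKey(passphrase, salt, iterations) {
  const material = await wc.subtle.importKey(
    'raw', enc.encode(passphrase), 'PBKDF2', false, ['deriveKey']);
  return wc.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Runs on the device. The returned envelope is all the server receives.
async function encryptSecretField(passphrase, fieldName, plaintext) {
  const salt = wc.getRandomValues(new Uint8Array(16));
  const iv = wc.getRandomValues(new Uint8Array(12)); // fresh for every encryption
  const key = await deriveKey(passphrase, salt, KDF_ITERATIONS);
  // Binding the field name as AAD stops ciphertext being moved between fields.
  const ct = await wc.subtle.encrypt(
    { name: 'AES-GCM', iv, additionalData: enc.encode(fieldName) },
    key, enc.encode(plaintext));
  return { v: 1, field: fieldName, iter: KDF_ITERATIONS,
    salt: toB64(salt), iv: toB64(iv), ct: toB64(ct) };
}

// Rejects on a wrong passphrase or any change to ct, iv, salt or field name.
async function decryptSecretField(passphrase, envelope) {
  const key = await deriveKey(passphrase, fromB64(envelope.salt), envelope.iter);
  const pt = await wc.subtle.decrypt(
    { name: 'AES-GCM', iv: fromB64(envelope.iv),
      additionalData: enc.encode(envelope.field) },
    key, fromB64(envelope.ct));
  return new TextDecoder().decode(pt);
}
```

Because the key exists only on the device and is derived from the passphrase, a forgotten passphrase means the stored envelope cannot be recovered by anyone.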

Active Defence: Transit, 2FA and Hijack Detection

Rigorous measures to protect your account from unauthorised access.

In addition to how data is stored, Mind Dump uses rigorous active security measures to protect your account from unauthorised access:

Transit

In-Transit Security

All browser-to-server communications are encrypted with modern SSL/HTTPS encryption, so your data is safe in transit. Mind Dump also employs HTTP Strict Transport Security (HSTS) to ensure your browser always connects securely.

Authentication

Two-Factor Authentication (2FA)

Users have the option of using 2FA to add an important layer of login verification.

Monitoring

Hijack & Impossible Travel Detection

Mind Dump monitors IP addresses and User-Agent data in real time to prevent session hijacking. If a series of accesses arrives from locations that are physically impossible to travel between in a short period of time, the system immediately identifies the "impossible travel" and automatically blocks access or requests a 2FA verification.
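One way such a check can work, as an added example that is not Mind Dump's own code. It assumes each event has already been geolocated from its source IP; the speed and distance thresholds, the rule that a changed User-Agent escalates a 2FA challenge to a block, and the sample events are all constructed for illustration.

```javascript
// Added illustration, not Mind Dump's code. Assumed: events are already
// geolocated from the source IP; thresholds and decision policy are invented.
const MAX_SPEED_KMH = 900;   // roughly airliner cruise speed
const MIN_DISTANCE_KM = 100; // below this, treat as geo-IP jitter

// Great-circle distance between two {lat, lon} points (haversine formula).
function haversineKm(a, b) {
  const rad = (deg) => (deg * Math.PI) / 180;
  const h = Math.sin(rad(b.lat - a.lat) / 2) ** 2 +
    Math.cos(rad(a.lat)) * Math.cos(rad(b.lat)) *
    Math.sin(rad(b.lon - a.lon) / 2) ** 2;
  return 2 * 6371 * Math.asin(Math.sqrt(h));
}

// One decision per event: 'allow', 'challenge_2fa' or 'block'.
function evaluateLogins(events) {
  const baseline = new Map(); // user -> last allowed event
  return events.map((ev) => {
    const prev = baseline.get(ev.user);
    let decision = 'allow';
    if (prev) {
      const hours = (Date.parse(ev.time) - Date.parse(prev.time)) / 3.6e6;
      const km = haversineKm(prev, ev);
      const kmh = km / Math.max(hours, 1 / 3600); // floor at one second
      if (km > MIN_DISTANCE_KM && kmh > MAX_SPEED_KMH) {
        // New location and new User-Agent together: treat as a hijack.
        decision = ev.userAgent !== prev.userAgent ? 'block' : 'challenge_2fa';
      }
    }
    // Only allowed events move the baseline, so a blocked attempt cannot
    // make the real user's next request look impossible.
    if (decision === 'allow') baseline.set(ev.user, ev);
    return decision;
  });
}

// Constructed sample events (documentation IP ranges, invented times).
const UA = 'Mozilla/5.0 Firefox/126.0';
const SAMPLE_EVENTS = [
  { user: 'alice', time: '2025-01-15T09:00:00Z', ip: '192.0.2.10', lat: 51.5074, lon: -0.1278, userAgent: UA },
  { user: 'alice', time: '2025-01-15T09:20:00Z', ip: '192.0.2.44', lat: 51.52, lon: -0.10, userAgent: UA },
  { user: 'alice', time: '2025-01-15T09:50:00Z', ip: '203.0.113.7', lat: -33.8688, lon: 151.2093, userAgent: 'curl/8.5.0' },
  { user: 'alice', time: '2025-01-15T10:05:00Z', ip: '192.0.2.10', lat: 51.5074, lon: -0.1278, userAgent: UA },
  { user: 'alice', time: '2025-01-15T10:30:00Z', ip: '198.51.100.9', lat: 40.7128, lon: -74.006, userAgent: UA },
];
```

IP geolocation is approximate, and VPNs or mobile carriers can move a legitimate user's apparent location, which is why the softer outcome here is a 2FA challenge rather than a block.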

Best Practices: Storing Bank Details Here?

A basic rule of digital hygiene.

Would you like to add your bank details, PINs or cryptocurrency seed phrases to Mind Dump? Only if you use the end-to-end encrypted "Secret" fields exclusively.

This is a basic rule of digital hygiene. Never entrust any digital knowledge base with highly sensitive credentials unless you are placing them directly into a zero-knowledge encrypted container designed to store credentials.

How Safe Is My Zettelkasten?

All in all, Mind Dump is a very secure place for most of the notes you put into a Zettelkasten: reading notes, philosophical musings, journal entries, research. You get the absolute best of both worlds: a brilliant, interconnected AI thinking partner, and total peace of mind, by combining enterprise-grade AES-256 database encryption at rest with unbreachable End-to-End Encryption for your custom secrets.
