danielo515 / TW5-EncryptTiddlerPlugin

A widget that adds the ability to encrypt single tiddlers
https://danielorodriguez.com/TW5-EncryptTiddlerPlugin/
MIT License
20 stars 6 forks

Remember user #15

Open linonetwo opened 4 years ago

linonetwo commented 4 years ago

It's quite an effort to remember to encrypt every time before publishing the wiki. If I forget, then the tiddler will publish to the web without encryption.

Can you encrypt all tiddlers that are matched by the filter on saving (if there is a hook for that)? And then auto-decrypt them, so they can be viewed by the user.

And auto-decrypt all the tiddlers on startup, if the user has entered the password on this browser. You can save the previously entered password to localStorage.

linonetwo commented 4 years ago

Use this hook https://tiddlywiki.com/dev/#Hook%3A%20th-saving-tiddler

linonetwo commented 4 years ago

I found my suggested workflow buggy... You can't have the wiki in the browser keep decrypted tiddlers while saving an encrypted version to the disk.

hchaase commented 4 years ago

I second this. Unfortunately I can't help with the code, but let me give some motivation with my use case.

(btw great to see you active again. I thought you had left from the wiki-verse. Hope to see you on the forum again)

I used to use full wiki encryption but now I use the batch encryption from your plugin systematically and it is great.

I have sorted through my wiki (by categories) and gave almost every tiddler either the tag -private or -public. All new tiddlers also get one of these tags. Then I use the batch encrypt to encrypt all with tag -private and exclude all with -public (just to be extra certain I don't miss something or double tag).

it is better than full encryption by:

I really like this, but I really miss the automatic encryption that full wiki encryption had. If you could implement this it would be so cool!

An idea: would it be easier to modify the full wiki encryption to use the batch/filter encryption instead??

danielo515 commented 4 years ago

Hello @hchaase and @linonetwo

> (btw great to see you active again. I thought you had left from the wiki-verse. Hope to see you on the forum again)

Are you talking to me? If so, thanks for that.

My main concern about all this is, obviously, security. There is no secure way to store a password other than in memory inside a particular module, but then you cannot share that memory, so accessing it to automatically encrypt the tiddlers is also impossible.

So, to put you all in context: if the password can be read by the wiki code, it can be read by any injected code. You may not be aware, but it is easy to accidentally include some code on your page: use a library, add a <script> tag that promises you awesome table management, paste some random code on your browser console or install the wrong extension, and the malicious code can get it.

Tiddlywiki has the advantage of having a very weird architecture and not being mainstream, but the risk is there.

I'm more open about delaying the wiki save by asking the user to re-type the password before the wiki is saved, then encrypt back all the tiddlers and then let the wiki save. This can be achieved by targeting tiddlers with a certain tag. But then, you will lose one of the other features that I like: the ability to have a different password per each tiddler.

A solution I would like more will be to provide a temporary decrypt button, this means that the tiddler is decrypted to an ignored tiddler that will never be saved. This way, the password doesn't need to be stored, the tiddler will be saved encrypted and the user doesn't need to retype the password. However, you will need to perform full decryption if you want to modify it.

Please let me know your opinions about this.

> it is better than full encryption by:

Thanks for outlining some extra benefits I never thought of!! cool.

linonetwo commented 4 years ago

> A solution I would like more will be to provide a temporary decrypt button, this means that the tiddler is decrypted to an ignored tiddler that will never be saved. @danielo515

I thought about this, I think we can only encrypt on save, make this happen automatically https://groups.google.com/forum/#!topic/tiddlywikidev/NkwtOg3HGf0

> (btw great to see you active again. I thought you had left from the wiki-verse. Hope to see you on the forum again)

I was making a SoLiD SyncAdaptor years ago: https://github.com/linonetwo/solid-tiddlywiki-syncadaptor. With it, we can log in to a BaaS (backend as a service), and save tiddlers tagged with Private to the private data bucket. But I found the SoLiD server is very difficult to use, so I abandoned it, waiting for the SoLiD project to evolve, so I can have a wiki that can contain public and private content.

Without being able to have both public and private content in a single wiki, I don't want to use TiddlyWiki. So I spent some time with node-solid-server last year, but it is too complex, so I didn't manage to make it good enough to work with TiddlyWiki.

But why do I use TiddlyWiki again? Actually, I found I can use a private GitHub repo to store private content, and store tiddlers tagged with Private to the private repo by modifying $:/config/FileSystemPaths

So this is my final solution... No need for a password. Though this solution requires me to use the NodeJS version of Tiddlywiki (which is very resource consuming on mobile): https://github.com/linonetwo/Tiddlywiki-NodeJS-Github-Template

I will continue my work on SoLiD though, I think that will be the best solution, it requires a password to log in, and stores the password in the local storage, and can sync tiddlers like you are using a NodeJS wiki, but you can use it on an HTML wiki on mobile.

danielo515 commented 4 years ago

> store password in the local storage,

I don't recommend you to do that, as a friend 😄

danielo515 commented 4 years ago

> I thought about this, I think we can only encrypt on save, make this happen automatically https://groups.google.com/forum/#!topic/tiddlywikidev/NkwtOg3HGf0

My proposal is to not save the tiddler at all. There are certain tiddler prefixes that are never saved, so for example, if you have a tiddler named MyTiddler1 I can decrypt it to /temp/MyTiddler1 and it will not be saved, so you will be able to see it, and when you close your TW it will just disappear, leaving only the original, encrypted one.
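The proposal in the comment above, modelled as an added example that is not part of the thread or the plugin's code. It assumes the never-saved prefix is `$:/temp/`; the in-memory wiki, the function names and the scrypt + AES-256-GCM cipher are stand-ins chosen for illustration, since the plugin's own cipher does not appear on this page.

```javascript
const nodeCrypto = require('node:crypto');

const TEMP_PREFIX = '$:/temp/'; // assumed prefix that the save step leaves out

// Stand-in cipher: scrypt key derivation + AES-256-GCM (not the plugin's code).
function encryptText(plain, password) {
  const salt = nodeCrypto.randomBytes(16);
  const iv = nodeCrypto.randomBytes(12);
  const key = nodeCrypto.scryptSync(password, salt, 32);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([c.update(plain, 'utf8'), c.final()]);
  return Buffer.concat([salt, iv, c.getAuthTag(), body]).toString('base64');
}

function decryptText(blob, password) {
  const raw = Buffer.from(blob, 'base64');
  const key = nodeCrypto.scryptSync(password, raw.subarray(0, 16), 32);
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, raw.subarray(16, 28));
  d.setAuthTag(raw.subarray(28, 44));
  // final() throws if the password is wrong or the ciphertext was altered
  return Buffer.concat([d.update(raw.subarray(44)), d.final()]).toString('utf8');
}

// Hypothetical in-memory wiki: title -> { text, encrypted }
function makeWiki() { return new Map(); }

// Decrypt into the temp namespace. The password is used once and never stored.
function viewTemporarily(wiki, title, password) {
  const t = wiki.get(title);
  if (!t || !t.encrypted) throw new Error('not an encrypted tiddler: ' + title);
  const text = decryptText(t.text, password);
  wiki.set(TEMP_PREFIX + title, { text, encrypted: false });
  return TEMP_PREFIX + title;
}

// Save step: serialise every tiddler except those under the temp prefix.
function serialiseForSave(wiki) {
  const out = {};
  for (const [title, t] of wiki) if (!title.startsWith(TEMP_PREFIX)) out[title] = t;
  return JSON.stringify(out);
}

function demo() {
  const wiki = makeWiki();
  const secret = 'constructed sample secret'; // constructed sample data
  wiki.set('MyTiddler1', { text: encryptText(secret, 'pw-1'), encrypted: true });
  wiki.set('Public', { text: 'hello', encrypted: false });
  const tempTitle = viewTemporarily(wiki, 'MyTiddler1', 'pw-1');
  const saved = serialiseForSave(wiki);
  return { visible: wiki.get(tempTitle).text === secret,
           leaked: saved.includes(secret),
           savedTitles: Object.keys(JSON.parse(saved)) };
}
```

The saved output contains only the ciphertext of MyTiddler1; the plaintext exists only in the running page's memory, where it is still readable by any script running in that page for as long as the temp tiddler exists.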

hchaase commented 4 years ago

> (btw great to see you active again. I thought you had left from the wiki-verse. Hope to see you on the forum again)

> Are you talking to me? If so, thanks for that.

Yes you :) (but good to see you too @linonetwo)

> Tiddlywiki has the advantage of having a very weird architecture

hehe TW is weird on more than one level :)

hmm You have some very interesting solutions here.

> I'm more open about delaying the wiki save by asking the user to re-type the password before the wiki is saved,

This would solve the problem but be more cumbersome. But maybe faster to implement?

> But then, you will lose one of the other features that I like: the ability to have a different password per each tiddler.

Not necessarily. The way I use your plugin, I have several encryption categories. I have:

these get encrypted by tag/ batch encrypt or individually. after that I use the batch encrypt to encrypt the:

and some of it is double encrypted.

> A solution I would like more will be to provide a temporary decrypt button, this means that the tiddler is decrypted to an ignored tiddler that will never be saved. This way, the password doesn't need to be stored, the tiddler will be saved encrypted and the user doesn't need to retype the password. However, you will need to perform full decryption if you want to modify it.

This sounds very good if it can be done with a good UI.

Can you make this so the tiddlers are "usable" as normal in the wiki (not $/:temp).

Maybe, when you want to edit, you could make a popup like "decrypt to edit". But what to do when you save again?

I think this could be a very nice solution. I wonder how the full tw encryption does it? Maybe there is something there that can be reused.

danielo515 commented 4 years ago

Thanks for your extensive write up @hchaase , I'll just quote one of your points, and I will answer the rest later:

> I wonder how the full tw encryption does it? maybe there are something there that can be reused.

Do you mean that TW re-encrypts itself automatically? I never used tw wide encryption, so I don't know. I think they have a password vault. If that is the case, I think it may be reused (not sure how secure it is, but anyway)

hchaase commented 4 years ago

> Do you mean that TW re-encrypts itself automatically?

I think so, but I don't know any details, only user experience. You only have to give the pw when decrypting. When you save it is encrypted automatically.