An iPhone showing a locked Apple Note with its title still visible, next to a separate vault app holding files

iPhone Notes Lock vs a Vault App: What to Trust

Apple Notes can lock a note with Face ID or a password, and the content is genuinely encrypted. But a locked note is not the same as a vault. This guide shows what Notes locking protects, what it leaks, and when a separate vault is the safer home.

Locking a note in Apple Notes encrypts its body and is good enough for text secrets like a door code or a private journal entry. It has two gaps: the first line stays visible as the title, and a note locked with your passcode opens with the same Face ID that unlocks your phone. For files, photos, IDs, and recovery codes, a dedicated vault with its own key is the safer choice.

What locking a note actually does

When you lock a note, Apple derives a key from your Notes password or device passcode using PBKDF2 and SHA-256, then encrypts the note body and its attachments with AES in Galois/Counter Mode. Apple cannot read a locked note, and it stays encrypted as it syncs through iCloud. This is real end-to-end encryption, not a simple hide toggle.

You unlock a note with Face ID, Touch ID, or the password you set. Once you unlock one note, Notes keeps your other locked notes readable for a few minutes until you tap Lock Now or leave the app, so a single unlock opens every locked note in that window.

The title leaks even when the note is locked

A locked note hides its body and preview, but the first line stays visible as the title in the notes list. If that first line reads Wifi password or Bank login, the lock protects the value while still advertising the topic to anyone glancing at your screen.

The fix is to keep the first line generic. Put a neutral word like Notes or Misc on the first line and keep the sensitive content lower down. The title is the one part of a locked note that does not get hidden.

Passcode-locked notes are only as private as your passcode

Since iOS 16 you can lock notes with your iPhone passcode instead of a separate Notes password. It is convenient, but it means anyone who can unlock your phone can also open your locked notes. A partner who knows your passcode, or someone who watched you type it, gets in with no extra barrier.

A separate Notes password is stronger because it is a secret distinct from the phone passcode. The tradeoff is recovery: if you forget the Notes password, Apple cannot unlock your existing locked notes. Resetting only sets a new password for notes you lock from that point on.

What Notes locking cannot do

You cannot lock a note that you share with someone else, and you cannot lock a note that contains tags, PDFs, audio, video, or Pages, Numbers, and Keynote files. Notes kept in non-iCloud accounts, like Gmail or Yahoo over IMAP, cannot be locked either. Only notes on your device or in iCloud, without those attachments, support a lock.

Locked notes are also left out of search, which is good for privacy but means you have to remember where things are. And Notes is built for text and light attachments, not for keeping dozens of scans, screenshots, and documents behind one key.

What a vault app adds

A dedicated vault keeps files and photos behind its own key, separate from Photos, Files, and iCloud. That separation is the point: a locked note still lives inside the Notes app that anyone can open, while a vault is a different door. Vaultaire uses a pattern-derived key, so the secret is a pattern you draw rather than a string tied to your Apple ID.

A vault is also built for the things Notes handles poorly. Passport scans, ID photos, tax documents, and recovery sheets belong in an encrypted container that sits apart from the camera roll, not pasted into a note where a screenshot or a backup can expose them, and where Notes will not let you lock the PDF anyway.

When a locked note is enough

For a small piece of text you want to hide from a casual glance, a locked note is fine. A door code, the location of a spare key, a few lines of a private journal, or a software licence key are all reasonable to keep in a locked note, as long as the first line stays generic.

Use a separate Notes password rather than your device passcode when the note really matters, and accept that you are trusting Apple Notes and iCloud with the encrypted blob. For most everyday text secrets, that is a fair trade for something free and built in.

When to reach for a vault instead

Reach for a vault when the secret is a file rather than a sentence, when it is something you would not want a friend who borrows your unlocked phone to find, or when you want a key that is not the same one that unlocks your whole phone. Photos of documents, scans, and recovery codes all fit here.

Vaultaire stores these behind a pattern-derived key, separate from your camera roll and your notes, so a sensitive scan is not one tap away inside an app you open all day. The two tools are not rivals. Lock quick text in Notes, and keep files and photos in a vault.

Sources

FAQ

Are locked Apple Notes actually encrypted?

Yes. Apple derives a key from your password or passcode with PBKDF2 and encrypts the note body and attachments with AES-GCM. The content stays encrypted on device and in iCloud, and Apple cannot read it. The real gaps are the visible title and the fact that a passcode-locked note shares your phone's unlock.

Can someone open my locked notes if they know my iPhone passcode?

If you locked the note with your device passcode, yes. Locking with the passcode means the same Face ID or passcode that unlocks the phone also opens the note. To require a separate secret, set a dedicated Notes password under Settings, Notes, Password instead.

Should I keep passwords and IDs in a locked note?

A few text secrets like a door code are fine in a locked note with a generic first line. For account passwords use a password manager, and for ID photos, scans, and recovery codes use an encrypted vault. Those are files, and Notes will not even let you lock a note that contains a PDF.

Download Vaultaire Free