§ Apple
Does Apple Notes Have End-to-End Encryption? (Updated 2026)
Apple Notes end-to-end encryption status in 2026: regular notes, locked notes, and Advanced Data Protection — the honest three-tier answer and where the gaps still are.
Quick answer: The Apple Notes end-to-end encryption status in 2026has a three-tier answer. Regular notes with default iCloud: not E2EE — Apple holds the keys. Locked notes: body is E2EE with your note password, metadata isn't. Any note with Advanced Data Protection on: genuinely E2EE, Apple cannot decrypt it. The headline most people miss is that the default is still Apple-managed, and most users have never turned on ADP.
The honest three-tier answer
“Is Apple Notes end-to-end encrypted” is the wrong question. Apple Notes is not one thing — it's three configurations, each with different encryption properties. Treating them as one product is how people end up storing recovery seeds in a default note thinking they're protected.
| Note configuration | Encryption | Key custody | Apple can decrypt? |
|---|---|---|---|
| Regular note, ADP off | AES at rest, Apple-managed keys | Apple | Yes (legal process) |
| Locked note, ADP off | AES body + PBKDF2 password key | User (note password) | Body no, metadata yes |
| Regular note, ADP on | AES, end-to-end encrypted | User (Apple ID device keys) | No |
| Locked note, ADP on | Double-layered: note password + ADP | User (both layers) | No |
| Shared note (any setting) | Apple-managed, no per-note lock | Apple | Yes |
Apple does not market this distinction clearly, which is fair — most users would tune it out — but it matters. The default state of Apple Notes in 2026, for a user who hasn't individually locked anything and hasn't opted into ADP, is encrypted but Apple-readable. If you've never explicitly done either, you're in that tier.
How Apple Notes encryption actually works
For locked notes, Apple uses an AES-based cipher with a key derived from your note password via PBKDF2 (a key-stretching function that makes brute-force expensive). The note body is encrypted before it's synced to iCloud. The note password is never uploaded — it stays on-device, and the key is regenerated each time you unlock the note. That part is solid cryptography.
For regular (unlocked) notes without ADP, iCloud Notes uses Apple's standard server-side encryption. The data is encrypted at rest on Apple's servers with keys Apple holds. TLS protects the transport. This is competent engineering — there has never been a publicly known plaintext breach of iCloud — but it's not E2EE. Apple's own published model is clear about which categories are which. We covered the full breakdown in our piece on whether iCloud is safe for sensitive notes.
With Advanced Data Protection enabled (an iOS 16.2 feature you must opt into), iCloud Notes joins the E2EE tier. The encryption keys move from Apple-managed to user-held (specifically, derived from your device's hardware-rooted Apple ID keys). Apple loses the technical ability to decrypt. This is the same protection Secure Notes provides by default, but for your entire iCloud Notes corpus.
The gaps in locked Apple Notes
Locked Apple Notes are better than nothing but they have real edges. The most important ones, in 2026:
- One Locked folder, one password.You cannot segment access — every locked note uses the same lock. If you need to share access to a specific note without revealing everything, you can't. Compare to per-folder passwords in a real E2EE notes app.
- Sharing breaks the lock.The moment you share a locked note, the lock is removed for all participants. There is no “shared but encrypted” mode. For collaborative sensitive content, this is a non-starter.
- Search index leakage on macOS. Historically, macOS Spotlight has indexed locked-note content and exposed it via search even when the note was locked. Apple has patched specific cases, but the architecture invites recurrence.
- App-switcher screenshots. iOS captures a screenshot of the active view when you background the app. If you backgrounded Notes while a locked note was open, the preview can contain plaintext. Secure Notes hides the preview by default; Apple Notes does not.
- Attachment history.Until iOS 13, attachments in locked notes were stored unencrypted in iCloud. Old notes carried over from pre-13 may still have unencrypted attachments. Re-locking a note doesn't retroactively fix old attachments.
- No recovery seed model.If you forget your note password, Apple has no way to recover the locked content. There's also no 12-word fallback like a zero-knowledge app would offer. You either remember it or lose it. Read why a recovery seed matters.
When Apple Notes is enough and when it isn't
For most daily content — shopping lists, meeting notes, recipes, half-formed thoughts — Apple Notes is fine. The default tier is unlikely to cause real harm, and the UX is excellent. The question is which content you treat as “default” and which deserves a higher tier.
Apple Notes is enough when:
- The content is not catastrophic if Apple reads it (or is compelled to).
- You don't need to segment access across multiple personal topics.
- You've enabled Advanced Data Protection.
- You don't need to share sensitive content while keeping it encrypted.
Apple Notes is not enough when:
- You're storing passwords, recovery seeds, or API keys (use a password manager or a dedicated E2EE notes app).
- Your threat model includes the publisher itself, or a government able to compel the publisher.
- You need per-folder or per-note password granularity.
- You need to share encrypted content with someone else.
- You collaborate on legal, medical, or financially sensitive documents.
The pragmatic 2026 setup: turn on ADP, keep daily content in Apple Notes, and use a dedicated app like Secure Notes for iPhonefor the things that need their own password boundary. The two coexist cleanly — Apple Notes for everything you don't care about anyone seeing, the encrypted app for everything you do.
Frequently asked: Apple Notes encryption
Are Apple Notes end-to-end encrypted by default?
No. By default, iCloud Notes is encrypted in transit and at rest with Apple-managed keys — meaning Apple can decrypt your notes. Only two things make Apple Notes end-to-end encrypted: locking individual notes with a per-note password, or turning on Advanced Data Protection for your entire Apple ID. Without either, Apple holds the decryption keys to your default notes.
Are locked Apple Notes truly encrypted?
Yes — the body of a locked Apple Note is encrypted with a key derived from your note password using PBKDF2. That part is genuine. But the surrounding database stays Apple-managed unless ADP is enabled. Historically, attachments in locked notes were not always encrypted (Apple fixed this in iOS 13), and macOS Spotlight search has leaked locked-note text into the search index in older versions.
Can Apple employees read my notes?
Without Advanced Data Protection, Apple has the technical capability to decrypt your iCloud Notes on the server side — they hold the keys. Policy and access controls mean a random employee can't browse your notes, but valid legal process can compel disclosure, and Apple's transparency reports show thousands of such requests fulfilled annually. With ADP on, Apple cannot decrypt the content even if they wanted to.
Are shared Apple Notes encrypted?
Shared notes lose their lock when shared. Once you share a note, the participants need to be able to read it, which means it cannot be encrypted with your personal note password. Shared notes also cannot be locked. This is a real gap: if you're collaborating on something sensitive in Apple Notes, the content is sitting in Apple-managed iCloud with no per-note encryption layer. ADP improves the floor but doesn't change the sharing model.
Does Advanced Data Protection cover Apple Notes?
Yes. When ADP is enabled (iOS 16.2 and later), iCloud Notes flips from Apple-managed keys to user-held end-to-end encryption — Apple cannot decrypt the content. This applies to all of your notes, not just locked ones. ADP expanded the E2EE-protected categories from 14 to 23. The tradeoff is that you become solely responsible for account recovery and lose iCloud.com web access for the protected data.
Is Apple Notes safe for passwords and recovery phrases?
No. Even with ADP on, Apple Notes is the wrong tool for high-value secrets. The single Locked folder model means one password gates everything; there's no per-note password segmentation for daily-driver content. App-switcher previews can leak unlocked content, screenshots can be taken without warning, and shared notes break encryption entirely. Use a password manager for credentials and a dedicated E2EE notes app for recovery seeds.
Keep reading