What "zero-knowledge" actually means
It is the most over-used phrase in privacy marketing. Here is the simple test that tells you whether an app means it.

Zero-knowledge means only you hold the key.
"Zero-knowledge" means the company providing the app has zero knowledge of your actual data. They store it, sync it, back it up — but only ever as ciphertext they cannot read, because the key lives with you and never reaches them.
There is one consequence that doubles as a test. If a service is truly zero-knowledge, it cannot recover your data when you forget your password, because it never had the key. So the blunt question is: can support reset my password and give me my files back? If yes, it is not zero-knowledge — someone there can decrypt your data, which means they can be hacked or compelled into doing it.
The test in one line
- Zero-knowledge = the provider holds only ciphertext, never the key.
- The proof is painful: real zero-knowledge apps cannot recover your data for you.
- "We can’t see your data" + "we can reset your password and restore it" cannot both be true.
- Local-only apps are zero-knowledge by default — there is no provider in the loop at all.
Why "we can’t reset it" is a feature
A recovery option feels safe until you think about who else can use it. A reset path is a second door into your data, and a second door can be opened by a phisher who hijacks your email, an insider, or a court order served on the company. Removing recovery removes that door. The cost is real — lose the passphrase and the data is gone — but that is the price of nobody else being able to get in.
This is the same idea behind a properly encrypted notes app: the passphrase never leaves your device, so there is no copy of the key to subpoena. It is why we treat "no recovery, by design" as a green flag, not a missing feature.
Cloud zero-knowledge vs local-only
There are two honest ways to get there. A cloud app can be zero-knowledge by encrypting on your device before anything is uploaded, so the server only ever sees scrambled bytes — that is how end-to-end encrypted note and password apps sync safely. Or an app can simply keep everything on the device and never upload at all, which makes the question moot.
Neither is automatically better. Cloud zero-knowledge gives you sync and backup at the cost of trusting the encryption was done right before upload. Local-only gives you the simplest possible threat model — nothing to intercept — at the cost of manual backups and no cross-device sync.
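The encrypt-before-upload approach described above, run against the password-reset test from earlier on the page. This is an added example, not code from any app discussed here. It uses only Node.js's built-in `crypto` module, and the `Provider` class, function names, user name, passphrases and note are constructed for illustration.

```javascript
const crypto = require('crypto');

// Client side: the key is derived on the device; the passphrase is never sent anywhere.
function deriveKey(passphrase, salt) {
  return crypto.scryptSync(passphrase, salt, 32); // 32 bytes = AES-256 key
}

// Client side: encrypt locally, return only what the server is allowed to store.
function encryptForUpload(passphrase, plaintext) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { salt, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Client side: decrypt a record fetched back from the server.
function decryptDownload(passphrase, record) {
  const key = deriveKey(passphrase, record.salt);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, record.iv);
  decipher.setAuthTag(record.tag);
  return Buffer.concat([decipher.update(record.ciphertext), decipher.final()]).toString('utf8');
}

// Hypothetical provider: stores whatever it is sent, never receives a passphrase or key.
class Provider {
  constructor() { this.store = new Map(); }
  upload(user, record) { this.store.set(user, record); }
  download(user) { return this.store.get(user); }
  // The "support reset" test: support can only guess a passphrase against the stored
  // record, and GCM authentication rejects any key but the original.
  supportReset(user, newPassphrase) {
    try { return decryptDownload(newPassphrase, this.store.get(user)); }
    catch { return null; } // nothing recoverable without the user's passphrase
  }
}

function demo() {
  const provider = new Provider();
  const note = 'constructed sample note: door code 4821';
  provider.upload('alice', encryptForUpload('correct horse battery staple', note));
  const stored = provider.download('alice');
  return {
    serverSeesPlaintext: stored.ciphertext.includes(Buffer.from('door code')),
    ownerRecovers: decryptDownload('correct horse battery staple', stored) === note,
    supportRecovers: provider.supportReset('alice', 'TempPassword123!'),
  };
}
```

`demo()` shows the three outcomes side by side: the stored record contains no plaintext, the owner's passphrase decrypts it, and a support-side reset yields nothing.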
Spotting the real thing
Read the support page, not the landing page. An app that is serious about zero-knowledge will warn you, in plain language, that it cannot recover your account if you lose your password. An app that buries a cheerful "forgot password?" flow is telling you, quietly, that it can read your data. Believe the support page.
Zero-knowledge, answered
Is zero-knowledge the same as end-to-end encryption?
They overlap. End-to-end encryption is the technique — data is encrypted on your device and only decrypted on another device you control. Zero-knowledge is the result — the provider in the middle never holds a key and never sees plaintext. A true end-to-end system is zero-knowledge.
What happens if I forget my password?
In a genuine zero-knowledge app, your data is unrecoverable, because the company never had the key to decrypt it. That is the trade-off you are choosing. Keep your passphrase somewhere safe, like a password manager or a sealed note at home.
Are local-only apps zero-knowledge?
Effectively yes, and more so — there is no provider at all. The data lives on your device, so there is nothing on a server for anyone to read, leak, or be ordered to hand over.