Skip to main content

Encrypted Sync Help

This page covers common questions, issues and solutions when setting up Everdo Sync.

About Encrypted Sync

The Encrypted Sync Service (ESS) is a hosted service that syncs your Everdo data across desktop and mobile devices over the internet. Each device maintains a full local database and works offline. When online, devices exchange updates through ESS.

All task and tag titles and descriptions are encrypted on-device using AES-256-CBC before being sent to ESS. The encryption key never leaves your devices. ESS only stores encrypted data and a cryptographic hash of your key (used to detect mismatches). Metadata such as timestamps, parent-child references, and item types is not encrypted — it is needed for conflict resolution and sync optimization.

Account Creation

Why is an account required? Your account is used to store your encrypted data on the server and coordinate sync between your devices. You don't have to create an account to use Everdo offline or use the local network sync.

30-day free trial starts when you create the account. After the trial, a subscription is required to continue syncing. You will be reminded via email before the trial ends. After your trial ends, pricing applies.

Not receiving the verification email?

  1. Check your spam/junk folder.
  2. Go to sync.everdo.net, sign in, and click the Re-send verification link.
  3. If the email still doesn't arrive, contact support@everdo.net.

Encryption Key

The encryption key is a 16-word passphrase generated randomly on your device. Each word comes from the Niceware dictionary of 65,536 words. Since each word encodes 16 bits, 16 words produce a 256-bit key — the standard key size for AES-256.

The key is stored in the encryption-key file in your Everdo home directory. You only generate it once, on one device. All other devices must use the exact same key.

Can I choose my own key?

Yes, but every word must exist in the Niceware dictionary and the passphrase must be exactly 16 words. This constraint ensures 256 bits of entropy. A passphrase with fewer words, more words, or non-dictionary words will fail validation.

Do I need to save and backup the key?

Each of your devices connected to ESS stores a copy of the encryption key, so if you have access to at least one of your devices, you can recover your key from that device and sync with your account.

However, if you lose access to all your devices and don't have the encryption key backed up, then the data in your sync account can not be recovered. The ESS does not store your key by design, so we cannot assist in recovery.

Because of this, we recommend storing the key in a secure place, like your password manager.

Accounts with Sync History

After you create a sync account and sync your first device, the sync service will store a cryptographic signature of the key that was used to encrypt your data. The service will reject any data encrypted with a different key and display the encryption key mismatch error or similar.

This means that when you set up encrypted sync on a new computer using a pre-existing account, you should transfer a key from one of your other devices to the new device. The easiest way to do this depends on which type of devices you are setting up and which devices you already have. For example you can connect a mobile device to ESS by scanning a QR code generated in the desktop app. But in any of the Everdo apps you can go to sync settings and find your encryption key there.

What if I don't have the key I used earlier

This applies if you don't have your encryption key backed up anywhere and don't have access to any devices you've previously synced.

In this case you'll need to generate a new encryption key and tell ESS to wipe any pre-existing data in your account, so that your devices can send data encrypted with the new key.

This is called a "Force Push" and it's available in sync settings in the desktop app.

warning

Force Push replaces all data stored in ESS with whatever data your current device has

Device Pairing

Pairing is the process of configuring a mobile device to sync with ESS using the credentials and encryption key from an already-configured desktop device.

How it works

  1. On the desktop app, go to Settings -> Sync -> Pair Device. This generates a QR code.
  2. The QR code contains your encryption key and a temporary authentication token — everything the mobile device needs to start syncing.
  3. On the mobile app, go to Settings, set sync mode to Encrypted Service or ESS Integration, and tap Quick Pairing.
  4. Scan the QR code. The mobile app extracts the key and token, then performs a full two-way sync.

The initial sync during pairing may take a few minutes if you have a lot of data.

What is a device name?

A label you assign to identify the device in your account. It has no functional effect — pick whatever makes sense to you (e.g., "Work Laptop", "Phone"). This label is shown in the list of connected devices in your account at https://sync.everdo.net

Why can't I just sign in on mobile?

Signing in alone is not enough because the mobile device also needs the encryption key. Pairing transfers both the authentication credentials and the key in a single step via the QR code. Without pairing, you would need to manually enter the 16-word passphrase on your mobile device, which is error-prone. You can still do manual setup if you prefer.