How do OneNote 2016 and Web uses the password to protect the sections


We have in our computer Microsoft OneNote 2016.  We wanted to know when a user places a password in a section, is the entire section encrypted with the password, or the password is just for opening the section (in other words, another person can see the contents if he/she knew where the files were saved)? - same question on the OneNote data sync in
Who is Participating?
Snarf0001Connect With a Mentor Commented:
Sure, here's a link from MS:

Most of the top is just an overview, but towards the bottom on the "important notes" it has a quick bullet about the section being encrypted.  That's about all "official" you can find.

Easiest way to prove it though, is a quick test yourself.  Save a notebook on your local machine, put text like "lookingForThis" in the page, and encrypt it.  Open the file with notepad, and you'll see several xml nodes with encryption details, and gibberish if you search for that actual text.

Non-MS link describing much more of the encryption details, but for 2013.  Don't imagine too much of the underlying plumbing changed though.
Pawan KumarDatabase ExpertCommented:
As far as I know complete sections password protection is not possible. we can do section by section.

Read for more details-

check this section Lock the protected sections in your notebook
rayluvsAuthor Commented:
Yes, that I already know, that complete sections password protection (entire books) is not possible.

My question is more directed on the section contents that a password has been placed.  Is the entire section encrypted or the password is only used to access the section?
Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

Pawan KumarConnect With a Mentor Database ExpertCommented:
check this section Lock the protected sections in your notebook.... There is thing called LOCK ALL.
Snarf0001Connect With a Mentor Commented:
The section is encrypted.  
The entire item is not, as there's some header / config information that remains non-encrypted, but everything YOU enter (text etc) is encrypted in the raw file.
I'm honestly not sure if it uses the actual password you entered as part of the encryption algorithm, but the raw contents are encrypted.
rayluvsAuthor Commented:
Thank you.  By any chance, is there some documentation or links that I can pass to my supervisor relating your specifics? (greatly appreciated if so)
rayluvsAuthor Commented:
Great! Thanx! I saw the link when Pawan sent it, but since it was just steps, no explanation, I dismissed it (didn't go to the as you said, to "important notes").

I want to do the test you recommend, this will assure my supervisor.  So where are the notebooks located in my computer?
(we found a google saying "C:\Users\User-Name\AppData\Local\Microsoft\OneNote\" but there is limited data, not my sections)

Please advice.
Do you need to do it on a real (existing) notebook, or can you just create a new one?
If a new one, when you create it you can change the folder location from the "New Notebook" screen (Create in a different folder link).

If you need to do it with an existing, is it through OneDrive, or online or local?
In either case, from within OneNote, if you right click on properties you can see the area it's saving.

Can you post a shot of what you see?
rayluvsAuthor Commented:
Doesn't permit me (see pix below)

onloc(seems it only saves in onedrive - but when offline we can work with it, so it has to be in my pc somewhere)

Is there another way of doing your recommendation?
Due to their general security, directly access the online files isn't too easy...
But the one note sync mechanism does still retain the files on your system.

There's two areas, backup, and cache.  The cache is a tonne of binary files for syncing, but the backup section might do the trick, and does retain the same encryption mechanism.

But should be in that same folder path you pointed out before:


What do you see in there?
rayluvsAuthor Commented:
just 2 folders 14.0 and 16.0  and in the 16.0\backup folder there some of my pages but not the new one created for the test.  

However, being there, I went to do your recommendation of "Open the file with notepad" of the non-password set sections and I see gibberish (see below) even if I didn't have the section password-protected.

So it seem hard to see if its really encrypted.

Anyways, I read your links and it seems to imply that the encryption is the entire section and all its pages, but your recommendation of actual testing is a good one to present to my boss.

Is there another way we can do what you said?
Sometimes the new ones will take a little bit of time to show in the backup folder, I would wait and see if it pops up there.

As for the file, it's never going to be completely clean.  There's a lot of binary information being stored in there, so will always have a decent chunk of gibberish.  But basic text you enter is fully readable.  If you typed in "this is my encryption test" into OneNote, and searched after opening in notepad, you would quickly see it in there.

Once encrypted, you would not.
rayluvsAuthor Commented:
So basically there is no other way of testing it it right?

So strange I cannot find the folder where the a copy is being worded on.  That is, I disconnected from the internet and went to work with onenote and they weee update.  So a copy MUST be in the computer, but where? (it’s not the 16.0 because the onenote files are not recent there)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.