What Not to Store in Online Notes

Start with the worst-case question

Before saving text online, imagine the note was opened by the wrong person. If that would create serious harm, the text does not belong in a general online note app.

This is true even when the app uses account login or password-protected links. Access control reduces risk, but it does not turn a regular note app into a secrets manager.

Never store these

• Account passwords, temporary login codes, or backup codes.
• Crypto private keys, seed phrases, API keys, or database credentials.
• Credit card numbers, bank account information, or identity documents.
• Private medical, legal, or employment records.
• Anything your workplace policy forbids copying into third-party services.

Be careful with these

• Meeting notes that include names, emails, or internal decisions.
• Drafts that include customer information.
• Links to private files or dashboards.
• Temporary notes that become important over time.

Better alternatives

Use a password manager for passwords, OTPs, private keys, and recovery codes. Use your workplace-approved tools for customer data or confidential work material.

Use ThrowNotes for plain text handoff, drafts, lists, and notes where convenience matters more than secrecy.

The honest rule

If a note needs strong secrecy, do not save it in ThrowNotes. If it needs quick access, lightweight sharing, or account sync for ordinary text, ThrowNotes is built for that job.