NimbleCal uses end-to-end encryption to keep your calendar private. That means your calendar content is encrypted, and your device needs a key to read it.
Why you might see an "Unlock your encrypted data" prompt
NimbleCal takes a security-first browser approach. By default, after a full browser close or restart, it does not keep a reusable local unlock path available. That means you may need to unlock your encrypted data again when you come back.
Why make that tradeoff? Because fewer unlock prompts usually mean keeping unlock-capable material available on-device for longer. In a browser, that raises the local-device risk tradeoff, especially on shared devices or in browsers with extensions. NimbleCal prefers a fresh unlock when local unlock state is gone instead of leaving a reusable browser unlock path available for longer by default.
In NimbleCal, sign-in and unlock are related but separate:
- Sign-in connects your account so NimbleCal can sync your encrypted data.
- Unlock lets this device read your encrypted calendar locally.
Desktop and mobile apps can often rely on OS-backed secure storage and biometrics for faster reopening. Web apps do not get the same storage model, so they make different tradeoffs between convenience and how long a device stays locally unlockable.
If you use a trusted device, you can enable Quick unlock in Settings. Quick unlock lets you use your face, fingerprint, or device PIN instead of typing your password each time. It uses your device's built-in authentication to protect a local unlock credential that stays on that device and is released only after device verification. Quick unlock is a trusted-device local unlock helper. It does not move your encryption key to a brand-new device, and it is not account recovery on its own.
You are most likely to see this prompt when NimbleCal cannot restore your local unlock state automatically, for example on a new device, after all NimbleCal tabs have been closed, or after a browser restart. If Quick unlock is available on this device, the screen still appears but offers a device-unlock option you can use instead of your password. On a brand-new device, you still need your NimbleCal password until you set up Quick unlock there too.
Changing your password safely
If you still know your password, you can change it safely.
Important: A password reset needs to update encryption keys too. NimbleCal will guide you through this and may ask you to open the reset link on a device where your calendar is already unlocked or where Quick unlock is already set up.
If your email app opens the reset link in an in-app browser, you may need to copy the link and open it in the browser where NimbleCal is already unlocked. The reset page includes a "Copy reset link" button to make this easier.
If you forgot your password
Because your calendar content is encrypted end-to-end, NimbleCal cannot recover encrypted event content if you lose the keys needed to decrypt it.
If you just created your account and haven't signed in to NimbleCal yet, you can reset your password normally. NimbleCal will initialize your encryption key from the new password.
If you still have a trusted device where NimbleCal is already unlocked, or where Quick unlock is already set up, open the reset link on that same device. NimbleCal will only let you set a new password after it can unlock your encryption key there, so you do not accidentally lose access to your encrypted calendar.
Quick unlock only helps on the device where you already set it up. It does not recover your encrypted data on a brand-new device.
If you have lost both your password and every device that can still unlock NimbleCal, the existing encrypted data may be unrecoverable. The safe fallback is to start fresh. In that case:
- Your encrypted calendar content cannot be recovered by NimbleCal.
- You may need to start over with a new encrypted setup after you regain account access.
- Contact support and we'll help you figure out the safest next step for your account.
See also: