View Link vs Account-Based Editing: Security Basics
The difference between public sharing and account-based editing matters. Here is a practical security model for catchup links.
February 21, 2026 · 6 min read
Tags: security / best-practice
View access and account ownership
The view link is designed for attendees, but anyone with the link can read it.
Editing belongs to the signed-in owner, and anonymous pages can only be claimed from the device that created them.
How leaks usually happen
Public links can still leak too much context if the note contains sensitive details, even when the page itself is read-only.
Another common issue is assuming an anonymous page will still be editable later from a different device.
Minimum safe workflow
Use view links only for attendee-facing information, and keep sensitive details out of the note itself.
If a page needs long-term control, create it while signed in or claim it on the same device immediately after creating it.
We use safeguards behind the scenes to detect unusual access patterns, so you can focus on keeping the shared content itself simple and safe.
