Jump to content

Security: Storage & Access

Recommended Posts

I'm considering using Evernote, but before I make the plunge, I want to understand the following - 

  • How do you protect the confidentiality of data at rest?
  • Do you support, or have plans to support multi-factor authentication, e.g., Google Authenticator?


Thank you!

Link to comment
  • Level 5*

You’re posting in a user discussion forum.

For security answers from Evernote, see https://evernote.com/security

Evernote offers two-step verification (“2SV”), also known as two-factor or multi-factor authentication, for all accounts. Our 2SV mechanism is based on a time-based one-time password algorithm (TOTP). All users can generate codes locally using an application on their mobile device or can choose to have the codes delivered as a text message.

Encryption at Rest
In late 2016, we began migrating the Evernote service to the Google Cloud Platform (“GCP”). Customer data that we store in GCP will be protected using Google’s built-in encryption-at-rest features. More technically, we use Google's server-side encryption feature with Google-managed encryption keys to encrypt all data at rest using AES-256, transparently and automatically. You can find additional information on how encryption at rest protects your data here.

  • Like 1
Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...