Jump to content
Sign in to follow this  
Swagata Columbus

Higher Ed Lock individual notes

Recommended Posts

There should be an ability to lock individual notes with password/touch id as there in OneNote. Else its very dangerous to keep sensitive information like scanned passport, bill and receipts. Evernote still cannot become my one and only notebook app and I still have to depend on OneNote for keeping sensitive data. It might happen that you accidentally share one of your sensitive notes. If your note is password protected no one can open it. 

Share this post


Link to post

I use encryption to protect my sensitive data.
Evernote has a text encryption feature, and I use native encryption of attachments; PDFs, office/iwork documents, ...

My scanned passport is stored as an encrypted pdf.

  • Like 2

Share this post


Link to post

How do you use the encryption feature? Does that work on just PDF's or notes as well?

 

Share this post


Link to post

Personally I use my password manager to store short notes of sensitive text. 1Password has an own category for sensitive notes, text only, no attachments.

The encryption of files like pdf and office programs has shown to be weak in the past. It is o.k. to avoid someone to peek in, but can be brute forced and on some document types circumvented. Better than nothing, but not safe against a real attack.

Share this post


Link to post
6 hours ago, PinkElephant said:

The encryption of files like pdf and office programs has shown to be weak in the past.

I'm more concerned with the present but it does mean we have to redo the encryption 
Is there any information on the encryption levels being used?  I vaguely know AES is the top level

edit; Evernote's text encryption level is documented here https://help.evernote.com/hc/en-us/articles/208314128-What-type-of-encryption-does-Evernote-use-

Share this post


Link to post

I agree that it is better to care for the present than to relive the past, or worry about the future.

The issue with file based encryption is described in the EN support document, but the same applies to all other types of documents encrypted on a per-file basis: If the encryption shows a weakness in the future, there is no easy way to fix this. You have to take each document, decrypt it with the old key and re-encrypt it using a new key and a secure method.

If the encryption is applied on a data base / System Level, the System gets fixed, and this will automatically lift all the content to a new level of security. The downside is: As long as the system is not fixed (worst case is a zero-day-exploit), all content is exposed.

So both strategies have their individual SWOT-profiles - personally I prefer a security on the system level rather applied file by file, or text by text.

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...