Crewood

We noticed a new login to Evernote and wanted to make sure it was you.

I guess this happens quite a bit but it's the first time for me. This morning I got an email saying "We noticed a new login to Evernote and wanted to make sure it was you."

Is this genuine and if it is, how do I stop people logging in to my account please?

Link to post

Hi. I've never had that email from Evernote, but I guess it could be a new procedure - have you checked your own account? Your access history is here: https://www.evernote.com/AccessHistory.action

Best way to check if the email is genuine is to see whether it asks you to click on a link to confirm you're OK with the login. No one legitimate would EVER send that sort of email. If the email says "if the login was you, then ignore this email" then just delete it.

Make sure you follow the usual password rules - use a different password for Evernote than anything else; make it complicated; use 2-factor ID - and you can ensure that you are the only person using the account.

If you see access at the link above that you can't explain, then get in touch with Evernote via Twitter @EvernoteHelps.

  • Like 1

Link to post

Thanks for the reply. Yes, the history shows not only someone from Brazil but a couple of places in China too.

Can anyone advise how they get in or what even they would want to get in there for? Better still, is there any way I can prevent other people accessing my Evernote account?

 

Link to post

The places and devices are not relevant; it is easy to use servers in these places as in-betweens.

Probably you use the same login data for EN as for other accounts. If this was stolen in a security breach (not at EN, there is no reported breach) and you have reused your login data, they can access any service you are using.

  1. Go to the web client - via browser - and immediately change your password. Use a strong, unique one, not used for any other service.
  2. Then check the clients. Revoke access for any client that is not your own.
  3. As a third measure I would activate 2-FA.

Finally I would get a password manager that creates good passwords and helps to keep track of them. Then go to every account you have, and make them secure by changing the login. Start with your email accounts, then everything related to money (bank accounts, PayPal, Amazon, eBay etc.), then the others.

  • Like 2

Link to post
57 minutes ago, Crewood said:

Can anyone advise how they get in or what even they would want to get in there for? Better still, is there any way I can prevent other people accessing my Evernote account?

To access your account, they must know your password.
This was probably obtained when you used it at a site with poor security.

As per @PinkElephant, you need to change your Evernote password.
Also, this password should only be used for Evernote access. Don't use the same password at other sites.

  • Like 1

Link to post

Thanks to everyone for all the great advice. Really appreciated.

Not sure what "I would activate 2-FA" really means. Could someone please advise?

Link to post
7 minutes ago, Crewood said:

Not sure what "I would activate 2-FA" really means. Could someone please advise?

See https://help.evernote.com/hc/en-us/articles/208314238-How-to-set-up-two-step-verification

Two-step verification, also known as two-factor authentication, adds an additional layer of security to the login process, requiring you to enter a verification code from your phone in addition to your regular username and password. The goal of this extra step is to combine something you know (your password) with something only you would have access to (your phone).

Link to post

2FA is not only available with EN. Many services offer this option as an additional layer of security.

It is especially valuable for your mail accounts. Most logins have an option to reset your password. This is usually done by sending you an email to the address you used when you established your account. If somebody can hack into your mail account, they can take over your virtual identity by resetting your other accounts.

So make sure your mail account(s) are locked up like Fort Knox! A good password, not reused anywhere, plus 2FA should do the job.

Link to post

Get Bitwarden password manager; it has a built-in functionality where it checks if your password has been included in the lists of compromised passwords sold on the internet. Also a pretty good PM overall.

Link to post

I'm pretty sure Bitwarden (which I also use...) connects to https://haveibeenpwned.com for their warnings. I just connected to that website direct for my several email addresses (I'm a popular person!) and I get a depressingly happy "You've been Pwned!!" email every time one of them is detected in a leak online.

I am careful to use different passwords for every login, and change them regularly; and Bitwarden generates random collections of characters like "bv7LqiwCP#" (not one I use!) quite freely. Since it is remembering the password on my phone / tablet / laptops I don't much care how human unfriendly that is - in fact the less friendly the better!

So if you're a 'bad actor' looking for a payoff - please have fun with whatever passwords of mine you may have found; they're likely out of date and will be unusable anywhere else...

Link to post
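
Added example (not part of any post in this thread): how a client can check a password against a breach list without disclosing it, following the k-anonymity range scheme of the Have I Been Pwned "Pwned Passwords" service that the two posts above refer to. The corpus, the counts, the simulated `range_endpoint` and all function names are constructed for illustration so the block runs offline.

```python
import hashlib

# Constructed breach corpus (password -> times seen); not real breach data.
BREACH_CORPUS = {"password123": 4120, "letmein": 873, "qwerty2020": 57}

def sha1_upper(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

# Server-side index: full SHA-1 hash -> count.
_INDEX = {sha1_upper(p): n for p, n in BREACH_CORPUS.items()}
SEEN_BY_SERVER = []  # everything the simulated service ever receives

def range_endpoint(prefix: str) -> str:
    """Simulated service: 'SUFFIX:COUNT' lines for one 5-character hash prefix."""
    SEEN_BY_SERVER.append(prefix)
    return "\n".join(
        f"{h[5:]}:{n}" for h, n in _INDEX.items() if h.startswith(prefix)
    )

def breach_count(password: str, fetch=range_endpoint) -> int:
    """Client: send only the first 5 hex characters, match the rest locally."""
    digest = sha1_upper(password)
    prefix, suffix = digest[:5], digest[5:]
    for line in fetch(prefix).splitlines():
        candidate, _, count = line.partition(":")
        if candidate.strip().upper() == suffix:
            return int(count)
    return 0  # not present in the corpus

if __name__ == "__main__":
    for pw in ("password123", "bv7LqiwCP#"):
        print(pw, "->", breach_count(pw))
    print("server saw only:", SEEN_BY_SERVER)
```

A result of 0 only means the password is absent from that particular corpus, which is why it still has to be unique per site.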

Yes, this is the most popular website for warnings of this type. I am a bit worried about its future. The founder tried to find investors, and I have read he failed. So maybe he is a little short of money to buy new breaches from the dark net.

We have another in Germany, run by an IT institute sponsored by one of the founders of SAP. It is serving the same purpose:

https://sec.hpi.de/ilc/?lang=en

There are several password managers that check for this type of leak. I use 1Password that has a function called Watchtower for this purpose. They check for leaks, and it warns you if you use a "trivial" password that occurs frequently in breaches. If it is found often, it means that the "bad guys" will probably have the hash for these passwords in their rainbow tables. Then even if the password is technically very strong, it will be found in a matter of seconds (unless the company it was taken from used a good salt to obscure the hash file).

  • Thanks 1

Link to post
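
Added example (not part of any post in this thread): why a per-user salt defeats the precomputed tables mentioned in the post above. A plain dictionary stands in for a rainbow table, and the password list, the two "sites" and all function names are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed list standing in for passwords that recur in breach dumps.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein", "Summer2019!"]

def unsalted_sha1(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest()

# Built once, reusable against every site that stores unsalted SHA-1.
PRECOMPUTED = {unsalted_sha1(p): p for p in COMMON_PASSWORDS}

def table_lookup(stored_hash: str):
    """Return the password for a stored hash if the table contains it."""
    return PRECOMPUTED.get(stored_hash)

def salted_record(password: str, salt: bytes = None, rounds: int = 100_000):
    """Per-user random salt + PBKDF2-HMAC-SHA256; returns (salt, digest)."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return salt, digest

def verify(password: str, salt: bytes, digest: bytes) -> bool:
    """Login check: recompute with the stored salt, compare in constant time."""
    return hmac.compare_digest(salted_record(password, salt)[1], digest)

def demo() -> dict:
    pw = "Summer2019!"  # looks strong, but is in the constructed list
    site_a, site_b = unsalted_sha1(pw), unsalted_sha1(pw)
    salt_a, dig_a = salted_record(pw)
    salt_b, dig_b = salted_record(pw)
    return {
        "unsalted_identical": site_a == site_b,       # same hash at both sites
        "unsalted_recovered": table_lookup(site_a),   # one lookup recovers it
        "salted_identical": dig_a == dig_b,           # differs per record
        "salted_recovered": table_lookup(dig_a.hex()),
        "login_still_works": verify(pw, salt_a, dig_a),
    }

if __name__ == "__main__":
    print(demo())
```
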
13 hours ago, PinkElephant said:

We have another in Germany

I tested it out - seems to provide much more detail than the 'pwned' service, which just gives broad details of what information has appeared where. Thanks for that!

  • Thanks 1

Link to post

Yes it is o.k.

I just found that both together give a better overall result. They seem to have a slightly different stock of data to which they compare.

Link to post
