evernote forever

[iwanttodeleteevernote 1]

i’m thoroughly impressed that evernote’s deactivation flow really lives up to its company name. evernote. so y’all made it impossible to delete accounts. 

in the last three months, i’ve had countless notifications that my account was accessed by random devices in vietnam, turkey, pakistan, brazil, india. i wish i could say these were all me, but it was 2020 last year and we all know no one went anywhere. everytime i got the notification i just changed my password. to which, my account got hacked again. multiple times. 

i would have been completely okay with another random account in comatose on the internet, but all the hacking notifications threw me over the edge. that, plus the fact that your deactivate flow is pretty much nonexistent.

could you please: 1. improve your hack detection flow with heightened repeat offender prevention 2. improve the deactivation flow by reducing barrier to exit (i get stuck on the account status > google verify page with an error — see video) 3. let basic customers file help tickets

[John in Michigan USA 129]

Have you tried setting up 2FA? If so, have you tried disabling 2FA (which will force your existing 2FA and backup codes to expire), resetting your password (again), then re-enabling 2FA?

But maybe the problem is, you can't do that on a deleted account...

[iwanttodeleteevernote 1]

thanks for your comment! i dont have 2FA enabled, which probably could’ve helped prevent the hacks. on the video with me going through the deactivation flow, it took me to SSO through my gmail. i think there’s a bug on their backend preventing me from going to the right page to deactivate. 

not sure if it’s a deliberate strategy to increase friction and reduce deactivation volume... but it’s really frustrating. 

[PinkElephant 8,072]

In fact you have access to support, on account and on payment issues (the later not applying in your case).

If the hack repeated itself, I wonder what sort of password you were using. I doubt it was one of these unique, completely random 15-digit-monsters, or a passphrase at least 30 digits long. There are numerous descriptions in the web how to create these passwords, and there are password managers that will do it for you.

SSO is such a „great“ idea - ever thought about the fact that most functions that make it easier and more comfortable to use a service make it more vulnerable as well ? If each service has a key, SSO means you mint yourself a master key to all of them. Better keep it very safe ...

2FA is an additional layer to secure access, but only when combined with a strong password.

IMHO there is anything in place for a secure account from EN side. Sure they could do more and more - are you willing to pay for getting such a service ? And if offered, would you use it when you did not even use the options that ARE available for you at this very moment ?

[iwanttodeleteevernote 1]

all 2FA/SSO aside, im trying to deactivate my account— which is the real issue here. i can’t access an evernote help ticket, bc im not a paid member. so i posted this on a forum hoping someone on their team can deactivate it for me. 

[PinkElephant 8,072]

In general you can access support, on account issues even with a Basic account.

Log into the web client, top right corner, beside the name is a down arrow, where a support ticket can be issued. It works for Basic accounts if „account“ is chosen as ticket type. It will not work for technical questions, this is a Premium feature.

[iwanttodeleteevernote 1]

thanks for the protip on logging in to web client! was able to file a ticket/send an email. now just waiting to hear back from their team. 

[PinkElephant 8,072]

Glad to help. Hope they can solve the issue.

Since v10 I am running an additional Basic account for testing things, so I got much better in knowing my way around on this account type.