vogelap 27 Posted July 13, 2021 Share Posted July 13, 2021 The above is my note in the note view. The Password is encrypted as expected. But when I see the same note inside the Home page's Recent view, the encryption is not applied... Link to comment
Level 5 PinkElephant 8,070 Posted July 13, 2021 Level 5 Share Posted July 13, 2021 Holding passwords in EN is simply a bad idea. Get yourself a password manager - it will not only safely store your passwords, it will propose strong and unique ones, will look after 2 FA, warn you about breaches and more. When done with the shift, delete all of the notes containing passwords, then go to the trash and delete them a second time. Only a completely deleted note will not leave a trace in note history and elsewhere. Link to comment
vogelap 27 Posted July 13, 2021 Author Share Posted July 13, 2021 Just now, PinkElephant said: Holding passwords in EN is simply a bad idea. Get yourself a password manager - it will not only safely store your passwords, it will propose strong and unique ones, will look after 2 FA, warn you about breaches and more. When done with the shift, delete all of the notes containing passwords, then go to the trash and delete them a second time. Only a completely deleted note will not leave a trace in note history and elsewhere. I completely agree with you and will undertake that conversion in the very near future. I offered this as (yet another) indication of the insecurity of passwords in Evernote. These types of issues make me wonder if Evernote is being tested at all. 1 Link to comment
Evernote Expert agsteele 2,941 Posted July 13, 2021 Evernote Expert Share Posted July 13, 2021 I concur with this. Certainly storing passwords inside Evernote isn't a great idea. The EN encryption is not great at the best time. But this is an extraordinariy poor thing. I'd recommend a support ticket. UPDATE: After a few minutes the Dashboard has updated to hide the encrypted text. I assume that the initial thumbnail view was created when the note was created and prior to the encryption taking place. The Encryption caught up... 1 1 Link to comment
Level 5 PinkElephant 8,070 Posted July 13, 2021 Level 5 Share Posted July 13, 2021 It is not a question of testing - IMHO EN has simply carried a bad concept over from legacy to v10. Since v10 is syncing much more frequently, it took the text encryption from bad to worse. I would skip it altogether, because a unreliable encryption is worse than none. To store encrypted content another solution is to use an app that de- and encrypts independently. You store the encrypted container as an attachment in a note, and download it from EN (out of syncing range) before you decrypt. Before putting it away into EN, encrypt it. This is technically possible and safe - unless you make a mistake handling the procedure. Thus I would skip all this, get some cloud storage, get an app like Boxcryptor and run encrypted content outside of EN altogether. The only way to a safe encrypted storage in EN would IMHO be to have a special encrypted notebook, that handles similar to a Boxcryptor session, but using EN for storage. This must be build from scratch, because it must safely be excluded from unwanted syncing. 1 Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now