Kurt.Angle 1 Posted March 16, 2013 Share Posted March 16, 2013 I have received 4 emails to reset my password so far, and I've already done so during the initial announcement. Problem #1: If this email is legit, why do you need to keep sending the email? Once is enough, and I can probably say it is not necessary at all -- just force the user to change their passwords when they login with the old one. Problem #2: In the email, there is a link which includes my email address. It looks legit, but didn't Evernote said don't click password-reset links? Anyway, attached is the screenshot. Is this legit? Link to comment
C6REW 416 Posted March 16, 2013 Share Posted March 16, 2013 Hi Kurt, I wonder if you have more than one account/password/email address? Best regards Chris Link to comment
BurgersNFries 2,407 Posted March 16, 2013 Share Posted March 16, 2013 I have received 4 emails to reset my password so far, and I've already done so during the initial announcement. Problem #1: If this email is legit, why do you need to keep sending the email? Once is enough, and I can probably say it is not necessary at all -- just force the user to change their passwords when they login with the old one. Problem #2: In the email, there is a link which includes my email address. It looks legit, but didn't Evernote said don't click password-reset links? Anyway, attached is the screenshot. Email Evernote.png Is this legit? Definitely a case of "damned if you do & damned if you don't" b/c I'm sure if they only sent one email, at least one user would be peeved & wonder why they didn't send out followup reminders. Bottom line, if you changed your password, you're good. Additionally, as Chris said, are they all for the same account? (I have a few EN accounts & don't recall if the dups were followups or for different accounts.) WRT #2: http://discussion.evernote.com/topic/35615-phishing-attach-underway-for-evernote-accounts/ Link to comment
Level 5 cwb 225 Posted March 19, 2013 Level 5 Share Posted March 19, 2013 I can confirm, I have two accounts with two different email addresses and received two and only two reset emails. None since the weekend the hack was announced. Link to comment
gbarry 2,658 Posted March 19, 2013 Share Posted March 19, 2013 Yes that's ours. The link is included to make it easier to reset passwords. We generate a link so that each person receives a custom reset link for their accounts. If you've already reset yours feel free to ignore this.There are a few scenarios where duplicates are showing up--we're doing what we can to limit these, but an occasional duplicate--thems the breaks of emailing 50 million people. Link to comment
Level 5* jefito 5,589 Posted March 19, 2013 Level 5* Share Posted March 19, 2013 I got a second one the other day, which puzzled me for a bit. Then I remembered my second account that I use for testing. Doh! Link to comment
Recommended Posts
Archived
This topic is now archived and is closed to further replies.