JoshJ1 1 Posted August 1, 2014 Share Posted August 1, 2014 Hey guys, How secure is encrypting text in an Evernote, vs an app like 1Password; http://help.agilebits.com/1Password3/security.html Also, is my mac keychain encrypted? (Is Keychain the only place on my mac which is auto-populating my regular website logins?) Link to comment
ScottLougheed 1,316 Posted August 1, 2014 Share Posted August 1, 2014 There's no comparison. 1Password is far superior to Evernote in terms of encryption. ONLY YOU know your passcode for decrypting your 1Password data, this is called "zero-knowledge encryption", which means that nobody, not even AgileBits who makes 1Password can unlock your 1Password data. Even if someone hacks your computer (or iCloud, or Dropbox, or your phone or wherever you store your 1Password data), there's no database of decryption keys to steal, so the hacker would have to brute force some of the best encryption around. This would be a VERY difficult task. Evernote does not use zero-knowledge encryption, while what you put in evernote is secure, it is less secure than 1Password which is about as secure as you can get. The Keychain on your Mac is MORE secure than Evernote. I would say it isn't quite as secure as 1Password, it is darn close. Here is more info on how your Mac Keychain is secured:http://support.apple.com/kb/HT5813?viewlocale=en_US&locale=en_US In general your Mac's Keychain and 1Password are designed purely for the purposes of storing passwords, and doing so safely. Either option is great for securing your passwords. I would never put passwords in Evernote because 1) They aren't as secure; 2) it doesn't automatically generate passwords for me; 3) Backing it up isn't as easy as 1Password; 4) updating changed passwords is a pain; 5) Does not auto-fill browser forms... I'm sure there are more. I personally use 1Password, but I also let iCloud Keychain store my passwords because I don't always want to use 1Passwords built in browser on iOS. Since I don't know any of my passwords (1Password has generated them for me), I can't type them in manually. Using both is a good middle ground and generally doesn't cause much confusion (though is marginally less secure...) When iOS 8 comes out with extension support (1Password has created an extension), I may reduce my reliance on iCloud keychain and may delete my auto-submit data from it, or maybe not..... You could get by fairly well with iCloud keychain. I'd be reasonably happy with that alone, if I wasn't already a 1Password user. Link to comment
Level 5* GrumpyMonkey 4,319 Posted August 1, 2014 Level 5* Share Posted August 1, 2014 There's no comparison. 1Password is far superior to Evernote in terms of encryption. ONLY YOU know your passcode for decrypting your 1Password data, this is called "zero-knowledge encryption", which means that nobody, not even AgileBits who makes 1Password can unlock your 1Password data. Even if someone hacks your computer (or iCloud, or Dropbox, or your phone or wherever you store your 1Password data), there's no database of decryption keys to steal, so the hacker would have to brute force some of the best encryption around. This would be a VERY difficult task. Evernote does not use zero-knowledge encryption, while what you put in evernote is secure, it is less secure than 1Password which is about as secure as you can get. The Keychain on your Mac is MORE secure than Evernote. I would say it isn't quite as secure as 1Password, it is darn close. Here is more info on how your Mac Keychain is secured:http://support.apple.com/kb/HT5813?viewlocale=en_US&locale=en_US In general your Mac's Keychain and 1Password are designed purely for the purposes of storing passwords, and doing so safely. Either option is great for securing your passwords. I would never put passwords in Evernote because 1) They aren't as secure; 2) it doesn't automatically generate passwords for me; 3) Backing it up isn't as easy as 1Password; 4) updating changed passwords is a pain; 5) Does not auto-fill browser forms... I'm sure there are more. I personally use 1Password, but I also let iCloud Keychain store my passwords because I don't always want to use 1Passwords built in browser on iOS. Since I don't know any of my passwords (1Password has generated them for me), I can't type them in manually. Using both is a good middle ground and generally doesn't cause much confusion (though is marginally less secure...) When iOS 8 comes out with extension support (1Password has created an extension), I may reduce my reliance on iCloud keychain and may delete my auto-submit data from it, or maybe not..... You could get by fairly well with iCloud keychain. I'd be reasonably happy with that alone, if I wasn't already a 1Password user.While I agree with your conclusion that password services should be used for passwords, and I do not store passwords in Evernote, in fact, as far as I know, Evernote does use zero-knowledge encryption for text you choose to encrypt using the service. If you lose your password (for the encryption, not for the account), Evernote cannot retrieve it. Link to comment
BurgersNFries 2,407 Posted August 1, 2014 Share Posted August 1, 2014 While I agree with your conclusion that password services should be used for passwords, and I do not store passwords in Evernote, in fact, as far as I know, Evernote does use zero-knowledge encryption for text you choose to encrypt using the service. If you lose your password (for the encryption, not for the account), Evernote cannot retrieve it.True on both counts. Link to comment
Idea
JoshJ1 1
Hey guys,
How secure is encrypting text in an Evernote, vs an app like 1Password; http://help.agilebits.com/1Password3/security.html
Also, is my mac keychain encrypted? (Is Keychain the only place on my mac which is auto-populating my regular website logins?)
Link to comment
3 replies to this idea
Recommended Posts
Archived
This topic is now archived and is closed to further replies.