Jump to content
We apologize for the inconvenience, but chat support is currently unavailable. Please feel free to submit an email ticket or reach out at discussion.evernote.com. Thank you for understanding. ×
  • 572

Idea

  • Replies 806
  • Created
  • Last Reply

Top Posters For This Question

Top Posters For This Question

Popular Posts

I love Evernote, but it's preventing me from putting in sensitive content. For example, I can't keep a personal journal notebook, because other people (i.e. girlfriend, family members, etc.) could one

Hi, I love evernote, but i'd also love to have the feature of a simple password protection on notebooks so i can lock semi-sensitive stuff like a diary and fiction writing. I'm not asking for full on

I'm OK with my notebook being gone if I forget my encryption key... that is fine I need the ability to fully encrypt notebooks as well.... I realize you can encrypt pieces of individual notes but tha

Posted Images

Recommended Posts

  • 0

Thanks for the recommandatie about 1password, this exactly the approach I would forsere in EN. Solid Security to initially get in and EVERYTHING inside is ALWAYS secured. For EN not to be encrypted is fundamentally wrong, it's reasoning the wrong way round. So what's the argument for not doing so, Investment, indexing, laws, time?

Investment: I'd expect a lot more potential with an encrypted version of EN, people skipping the app for a justified concern about their data would actually seriously consider it. With all the news around leaks, who wouldn't want their data secured.

Indexing, surely this can be built in, if 1password can, why couldn't EN? If needed there could be a choice, with indexing or without, where with perhaps offers less space and slower Performance.

Laws, I'd be surprised if any law forced EN to keep all content wide open, rather I'd expect the opposite, for laws to protect my privacy.

Time, this would be a matter of reprioritization, if this is a feature a lot of users want, then just do it.

  • Like 1
Link to post
  • 0
  • Level 5*

The recent Ashley Madison hack and threats to publicly post hacked data online serves as a stark reminder that data stored online is not secure. Zero knowledge encryption is long overdue.

  • Like 2
Link to post
  • 0
  • Level 5*

The recent Ashley Madison hack and threats to publicly post hacked data online serves as a stark reminder that data stored online is not secure. Zero knowledge encryption is long overdue.

massive hacking incidents are now a regular part of the news, aren't they. ashley madison one day, hacked vehicles the next. of course, each incident has its own unique conditions, but the lesson to learn here, i think, is that everyone gets hacked (evernote has been hacked at least twice already).

in my opinion, we ought to assume that anything unencrypted on the cloud is either already hacked and public information, or it will be any day now. this either severely curtails our usage (grocery lists and web clippings?) or causes us to look elsewhere for an app that provides the level of security we need.

you're right about zero knowledge encryption being long overdue. my understanding is that onenote offers it now, so it looks like evernote is years behind the curve here. i hope they re-evaluate their priorities soon. their competitors have.

  • Like 2
Link to post
  • 0

I simply cannot believe that this is not an option. Evernote is supposed to be the notebook that is everywhere. Apparently this does not include collaborative environment with multi-user stations. 

 

For example: I work in a building with two stories of laboratories, ~50 researchers with about two dozen experimental stations. Any given experimental station may have a dozen or so users who log on to collect data using that instrument at different times. I should be able to lock my evernote "user account" on the native client.

 

At the very least, implement an automatic logout of the web client after a period of inactivity. It's just unreal to me that I can't have my lab notebook with me while I conduct an experiment, like I can, say with this other piece of super- advanced technology known as a paper notebook...

Link to post
  • 0
I think this isn't the best solution for desktop/workstation but this is what I need and I can got for now. I used a cryptographic program called VeraCrypt (like old TrueCrypt) and I created a volume with 8Gb, it's enough to me. So, I installed Evernote and before first sync, I changed default data directory to the protected disk. 

 

Some drawbacks can be, you need to remember to lock your workstation and/or close Evernote (even on system tray).

 

I hope this can help someone.

 


Link to post
  • 0
  • Level 5*

i doubt veracrypt is doing anything. when you unencrypt and open evernote, it syncs unencrypted to the servers, where your data sits in plain text vulnerable to any hack, rogue employee, or govt intrusion. i guess the only benefit is if someone tried to physically break into your computer and steal data.

  • Like 1
Link to post
  • 0

I agree with GrumpyMonkey -- It is more beneficial to encrypt a full note especially if it has attachments, than it is to encrypt only text in a note. Why can't the GUID be extended in the database for those notes that have full encryption versus those that are not encrypted. The first part of the GUID can designate the folder and the second indicating whether the note is encrypted through a concatenation methodology. 

Link to post
  • 0

Yes please implement this on all platforms. Even colornote on Android allows you to lock a note with a master password. I don't want somebody who accidentally sees my evenote notebooks being able to see confidential or sensitive information.

  • Like 1
Link to post
  • 0
  • Level 5*

+1 This should be a top priority for Evernote.  I want to store my vital records in Evernote but just not worth the risk until they get this added.  Using Sharefile for now.

i'm no expert in security or encryption, but i don't think sharefile is any more secure than dropbox. they hold the encryption keys. this means that they can rummage through your account whenever they want. they'll also unencrypt it and turn it over to the us govt. if asked to do so. and, if they are hacked, your stuff is at risk. i'd recommend spideroak imstead.

without zero knowledge (i hold the key and no one else has access), there isn't much point in evernote introducing passwords for notebooks.

Link to post
  • 0

Support the recommendation to introduce some level of password security for files.it would be very helpful for a variety of purposes.mnot necessary to be high level security encryption...I hav written before and now wondering if anyone has heard from the software company about their plans to address this issue???? Are they saying it is under consideration,or in the works ...or not ??????mi briefly looked for a feedback email and could not find one, so assuming this is the place - would love to hear from them.

  • Like 1
Link to post
  • 0

Support the recommendation to introduce some level of password security for files.it would be very helpful for a variety of purposes.mnot necessary to be high level security encryption...I hav written before and now wondering if anyone has heard from the software company about their plans to address this issue???? Are they saying it is under consideration,or in the works ...or not ??????mi briefly looked for a feedback email and could not find one, so assuming this is the place - would love to hear from them.

Link to post
  • 0
  • Level 5*

no plans that i am aware of, though a year or two ago the then-ceo suggested plans for "sexy" encryption, so i guess you never know. evernote generally doesn't discuss its plans. try saferoom for a third-party solution.

Link to post
  • 0

+1 for all platforms. Would be great if Evernote support could leave a reply here given all the interest. Love Evernote but this is becoming an important enough feature for me that I'll leave for a competitor if someone else develops the right feature set. 

Link to post
  • 0
Hi everyone, I'm the head of security here at Evernote. I wanted to let you know that I understand your requests for full note and notebook encryption. I'm an advocate for expanding our encrypted note text feature to include one or both of those and I appreciate everyone's input on this thread.

 

As a few people mentioned, adding these features requires time and resources. Building these isn't a business priority for our product teams right now, so we don't have any plans or timelines to add those features.

  • Like 4
Link to post
  • 0
  • Level 5

 

Hi everyone, I'm the head of security here at Evernote. I wanted to let you know that I understand your requests for full note and notebook encryption. I'm an advocate for expanding our encrypted note text feature to include one or both of those and I appreciate everyone's input on this thread.
 
As a few people mentioned, adding these features requires time and resources. Building these isn't a business priority for our product teams right now, so we don't have any plans or timelines to add those features.

 

Thank you, thank you, thank you.

 

This sort of feedback is wonderful. I'd love to see more of it.

Toss in some detailed explanation would be the topping on the cake.

  • Like 1
Link to post
  • 0

I recently upgraded to the professional edition but may need to cancel or at least stop using Evernote for work. The problem is that the encryption solution I have found - encrypting each note individually - is really not very workable. Evernote should offer something along the lines of what LastPass does for its password sharing. That is let users create a master password or pass phrase. They are responsible for keeping track of this password and Evernote never stores it on their systems. When a user starts up Evernote, they are prompted for the master password. Then anything that is transmitted to Evernote is first encrypted with that pass phrase using AES256 or some equally strong encryption. When notes are synced with other devices, the user would also need to provide the pass phrase on the device. The same would apply for the web interface. The key is that Evernote should never store the user's master pass phrases. In the case of notes passed in by email, they would be stored unencrypted until they are synced with a user device. After all, if you are emailing the document you shouldn't be too concerned about encrypting it. If there is other functionality lost due to the lack of access to my notes on Evernote servers, I would be perfectly fine with that.  As far as data stored on the device, for me, I am fine if it remains unencrypted on the devices. I just want my information protected when stored on Evernote servers.


 


  • Like 2
Link to post
  • 0
  • Level 5*

Hi everyone, I'm the head of security here at Evernote. I wanted to let you know that I understand your requests for full note and notebook encryption. I'm an advocate for expanding our encrypted note text feature to include one or both of those and I appreciate everyone's input on this thread.

 
As a few people mentioned, adding these features requires time and resources. Building these isn't a business priority for our product teams right now, so we don't have any plans or timelines to add those features.

 

Rich, thank you so much for posting here, and providing clarification of Evernote's view on NB encryption.

I very much appreciate you being an advocate for this, and look forward to hearing from you on other security topics.

 

I see this is your first post in these forums, so please allow me to welcome you here.  I'm sure others, like JBenson2, do as well.

  • Like 1
Link to post
  • 0

 

Hi everyone, I'm the head of security here at Evernote. I wanted to let you know that I understand your requests for full note and notebook encryption. I'm an advocate for expanding our encrypted note text feature to include one or both of those and I appreciate everyone's input on this thread.
As a few people mentioned, adding these features requires time and resources. Building these isn't a business priority for our product teams right now, so we don't have any plans or timelines to add those features.

 

Hi there Rich - great to see you joining this conversation! It's refreshing to see an Evernote employee participating here. I appreciate you telling us bluntly that it's not a priority for the product planners. I hope they realize that market leaders don't stay that way forever - when a company ignores the needs of it's core users (the vocal ones who want to see the product evolve), and focus on the wrong things, users will leave. I appreciate fully that developer resources are finite, and there are always more features than an ability to create those features...but I can genuinely say I haven't see a useful new product feature from Evernote in the past two years. I see the frequent updates, but none of the new features serve my needs. My needs, like those of here in this thread, are enhanced security. I want to rely upon Evernote to keep my information safe, and right now I'm not confident in the product's ability to do so.

 

Are the product planners willing to listen to the community and ask us what we want?

  • Like 1
Link to post
  • 0
  • Level 5*

From a purely selfish point of view I think this is a great piece of information. For me the rationale of Evernote has always been a place where I can add information and then quickly find it again. Adding encryption greatly reduces this capability, creates support headaches and generally distracts the company from the route that I want it to follow. Half way house measures like not encrypting titles and/or meta data would also create support issues and confuse many users.

I think it's clear from Rich's post that they are listening and that they are choosing not to pursue encryption at least for for the time being.

Link to post
  • 0
  • Level 5*

Can't agree with Metro on this. Forum flags are at half mast today.

From a selfish point of view, this is terrible news, and it means that I will continue being unable to enjoy using Evernote for the forseeable future. It is exactly the wrong way for the company to go, in my opinion. As for reducing any capacity, not necessarily (not at all in competitors) and certainly not if you don't use it, which is the same as if it is not there!

But, I'm glad to see Evernote has carefully considered it, decided it doesn't fit their vision / isn't a priority, and let us know where they stand right now. Making it clear what is going on is the way to generate goodwill and grow the business, especially if any solution like this is, at the very least, months or years down the road.

  • Like 1
Link to post
  • 0
  • Level 5*

For me the rationale of Evernote has always been a place where I can add information and then quickly find it again. Adding encryption greatly reduces this capability, creates support headaches and generally distracts the company from the route that I want it to follow. Half way house measures like not encrypting titles and/or meta data would also create support issues and confuse many users.

 

I haven't seen any evidence to support your assertion that somehow adding encryption would make things worse.

There are a number of companies offering highly secure, zero knowledge key, encryption, and I haven't heard or seen any reports of the issues you allude to.

 

Not encrypting metadata (Titles, Tags, dates, etc), is not a "half way" measure, it is a smart measure that protects the sensitive info in the Note contents while still allowing great search capability.  I see no reason that this would "confuse many users", if the feature is clearly documented, and a well-thought-out and tested UI is provided.

 

It's like having a bank vault to put your very expensive valuables and documents into, while still making it easy to bank by Internet for your day-to-day, or hour-to-hour, needs.

 

In fact, from a business position, it would be a very smart approach that I believe would set Evernote apart from the crowd while appealing to many.

  • Like 2
Link to post
  • 0

From a purely selfish point of view I think this is a great piece of information. For me the rationale of Evernote has always been a place where I can add information and then quickly find it again. Adding encryption greatly reduces this capability

 

So...you don't care about the security of that information?  :huh: I generally don't question when others want certain features in a product, but to not want more security is, honestly, surprising.

 

1password allows me to search everything, and it's far more secure than Evernote, so I don't see how/why adding encryption would somehow make Evernote less useful than it is today.

  • Like 1
Link to post
  • 0

In Day One you can set a password, but the data is not encrypted and can be read by anyone with physical access to your computer.

See: Why I Don't Use Day One For Private Journaling

 

 

I love Evernote, but it's preventing me from putting in sensitive content. For example, I can't keep a personal journal notebook, because other people (i.e. girlfriend, family members, etc.) could one day be looking at those notes, especially since they know that I use Evernote often for many purposes.

 

Evernote already has the ability to encrypt single notes. This is useful for things like storing passwords or other temporary sensitive content. But it's not practical to encrypt many notes one by one.

 

I wish I could password-protect a whole notebook. This way, I can do a lot more with Evernote. If I can encrypt single notes, then why can't Evernote just allow me to encrypt entire notebooks? If reason behind this is because Evernote thinks one could lose a lot of data if a notebook password is forgotten, then perhaps Evernote can help recover the passwords through email.

 

In the meantime, I'm stuck with using other apps (i.e. Pages, Day One, etc) to password-protect my content.

 

Any insight is greatly appreciated.

 

Thanks.

Link to post
  • 0
  • Level 5*

i think anyone with physical access to a computer is in a pretty good position to eventually get at your data, unfortunately, depending on their resources (time, money, manpower, expertise). If you turn on file vault on your mac (free and easy to use), you greatly increase your security. In fact, it doesn't matter if an app has password protection or not, because with file vault everything is under lock and key.

the problem with evernote is that your computer may be locked down and quite impenetrable to most folks, but Evernote takes data out of your computer (zero-knowledge encryption), which is only accessible to anyone in physical possession of it, and then it sends it to evernote servers (with no encryption), which are open to the world.

password protection is nice and all, but without security (encryption), it is window dressing.

  • Like 1
Link to post
  • 0
  • Level 5
There are some people who would like ultra high-level encryption to cover 100% of their entire Evernote database, but it appears that Evernote believes there is a much bigger market comprised of general users.
 

I examined my 40,000 notes in Evernote

 

50% are web clippings using Clearly

any: source:Clearly source:web.clip

 

10% are forwarded emails

source:mail.*

 

I also have a large % of scanned notes.

 

But... only 1/3rd of 1% are encrypted notes

encryption:

 

 

Why such as small % of encrypted notes? 

I use Evernote to store all sorts of events from my life, interesting facts, politics, and the more important feature: quick searches.

For high-security needs, I store my confidential information (passwords, account numbers, etc.) in LastPass.

And for highly confidential information (tax returns, for example), I store them locally, not in the cloud.

 

edit: Almost all of my photos are stored in Flickr

  • Like 2
Link to post
  • 0
  • Level 5

Thanks for the search reminders.

I would have thought that 50% of mine would have been web clips.

But I guess I'm making more use of IFTT workflows and sends to EN from my feed reeder, than actual web clipper use.

But web clipper was 25%.

10% forwarded email.

And a whopping 11 notes with encryption. It's frankly just not really worth using, as is.

LastPass on the other hand has 800 sets of credentials and secure notes.

I am disappointed to hear that it's not a business priority given we're still waiting for the previous CEO's "sexy encryption" mention.

But I am thankful for the OAuth, and multi-factor. Access security and transparency are great, and I enjoy using them.

  • Like 1
Link to post
  • 0

I use Evernote to store all sorts of events from my life, interesting facts, politics, and the more important feature: quick searches.

For high-security needs, I store my confidential information (passwords, account numbers, etc.) in LastPass.

And for highly confidential information (tax returns, for example), I store them locally, not in the cloud.

 

I used to use LastPass, and while it's great for passwords, I found it clumsy and ugly for other types of content (secure notes, etc.). I also didn't particularly like their security model. I have sensitive information in Evernote, because it's hugely advantageous for me to keep it there and have access to it from any device. Wouldn't it be wonderful if Evernote took security seriously enough for you to note have to use another app, or keep things offline, to have secure access? 

Link to post
  • 0
  • Level 5

Having sensitive info synced across all devices is kind of what LP is all about...

I'm wondering what more one might want from a security model than trust no one encryption with a multitude of multi factor login options.

And to add in LP enterprise, the usage logging across the enterprise is great, and much more useful to me than a personal decentralized model like keypass or 1password.

  • Like 1
Link to post
  • 0
  • Level 5*

 

There are some people who would like ultra high-level encryption to cover 100% of their entire Evernote database, but it appears that Evernote believes there is a much bigger market comprised of general users.
 

I examined my 40,000 notes in Evernote

 

50% are web clippings using Clearly

any: source:Clearly source:web.clip

 

10% are forwarded emails

source:mail.*

 

I also have a large % of scanned notes.

 

But... only 1/3rd of 1% are encrypted notes

encryption:

 

 

Why such as small % of encrypted notes? 

I use Evernote to store all sorts of events from my life, interesting facts, politics, and the more important feature: quick searches.

For high-security needs, I store my confidential information (passwords, account numbers, etc.) in LastPass.

And for highly confidential information (tax returns, for example), I store them locally, not in the cloud.

 

edit: Almost all of my photos are stored in Flickr

 

 

You nailed it - the vast majority of most people's stuff doesn't need to be secure or encrypted. Evernote is far more useful for far more people without encryption.

 

It's important to remember that a lot of the people that come to this forum come with edge cases, we are not necessarily representative of the user base as a whole. It's not to say that those edge cases aren't valid, but they are at the edge. The fragrant Burger n' Fries for example, quickly reached a critical mass from a scaling perspective and has mostly had to abandon Evernote. If there were thousands of users in the same situation then I'm sure Evernote would dedicate more resources to finding a solution. I'd guess the number of users with 50k+ notes is dwarfed by the number who have less than a thousand. Similarly, although encryption would be useful for a vociferous user group on here, I'm betting the vast majority of the user base couldn't care less. They don't need to secure their web clippings, recipes, wine bottle photos, shopping lists etc etc - but being able to find their stuff is absolutely key.

  • Like 2
Link to post
  • 0

Good progress and even better discussion since the response from Rich Tener. Thanks for this! Way to go, users talk to developers and vice versa.

 

As stated before, all should be encrypted, period, and it will be at some point in time, whatever tool we are using some time from now will have EVERYTHING encrypted, ALL the time, that's one.

 

Now the question is what and by when will provide this functionality, personally i don't think it is a matter of prioritizing requirements, rather it should be perceived as a basic need. Ask yourself why you would want to post any un-encrypted data anywhere? A hand written note is un-encrypted, and that's ok, since only those few individuals in and around the "note" can read it. Take a picture of it and post it online, in the cloud, and suddenly it's ok that anybody can read it (after user names/passwords have leaked or ....), why is that? 

 

This discussion will appear strange a while from now, when all is encrypted all the time. 

Link to post
  • 0
  • Level 5*

I don't need anything in Evernote encrypted, I'm sure there are lots of users just like me.

 

I'm guessing the majority or else the product teams at Evernote would be under internal pressure to add encryption - they are clearly not.

 

There are 2 sides to this argument.

  • Like 1
Link to post
  • 0

I don't need anything in Evernote encrypted, I'm sure there are lots of users just like me.

 

I'm guessing the majority or else the product teams at Evernote would be under internal pressure to add encryption - they are clearly not.

 

There are 2 sides to this argument.

My use has shifted so that this is also the case for me. I have other tools that are more secure that I keep those important files in. Evernote gets only the things that do not need encryption. 

  • Like 2
Link to post
  • 0

I don't need anything in Evernote encrypted, I'm sure there are lots of users just like me.

 

I'm guessing the majority or else the product teams at Evernote would be under internal pressure to add encryption - they are clearly not.

 

There are 2 sides to this argument.

I'm not sure there are two sides, encrypting everything should be relatively simple, we did it ourselves for a cloud based platform we use, which has consequently switched to encrypting everything for all their customers all the time, we tend to over complicate things too much. Why should anyone/thing be able to see any of your data ever, confidential or not?

Link to post
  • 0
  • Level 5*

To make it useful, to make it searchable, to provide "context" or any new form of applied intelligence that they are working on. It's pretty clear that this is their vision, locking away the data stops all of this. 

  • Like 1
Link to post
  • 0

To make it useful, to make it searchable, to provide "context" or any new form of applied intelligence that they are working on. It's pretty clear that this is their vision, locking away the data stops all of this. 

I agree with you, they need our data to run their business I guess. Otherwise I just can't understand why they won't enable a real and secure alternative for those notes that we consider are highly sensitive. 

 

A couple of months ago I decided to give up on them and moved over to DevonThink Pro Office and rendered my use of Evernote for useless webclips I come across while searching online for stuff. I must say this movement is causing me real trouble because I have information spread in two platforms and I guess I will little by little move away from Evernote totally, as it is quite a PITA my current setup.

 

After so many years of being an Evernote advocate and supporting Evernote as a Premium User since 2009 (or 2008 I can't remember), my next step will be to downgrade my account. Too bad I did not remember to stop the automatic renewal I set back then with my paypal account.

 

Also, can we really trust Rich to be who he says he is? it is his first post here...

  • Like 1
Link to post
  • 0
  • Level 5*

We should all keep in mind that none of us here, who are not Evernote employees, have the data to declare what is an "edge case" or what is a "common" use case.  

 

While it is generally accepted that forums tend to attract more users with complaints than with praise, I have seen studies that suggest that for every complaint posted, there are probably many more users with the same complaint who either don't bother to post, or just quit using the product.  Some estimate that there are 10X, or greater, the users with the complaint that don't post.  

 

This is certainly true for me.  I, along with many other users, hate the Mac iTunes UI.  Yet I have never made even one post in an Apple forum, or to Apple feedback, voicing my complaint.

 

All of this is purely academic, and irrelevant.   ;)

 

What ultimately matters is what Evernote decides to provide.

 

I am encouraged by one thing Evernote Security Head stated:

 

Hi everyone, I'm the head of security here at Evernote. I wanted to let you know that I understand your requests for full note and notebook encryption. I'm an advocate for expanding our encrypted note text feature to include one or both of those and I appreciate everyone's input on this thread.

 

Why would Evernote appoint a Head of Security who is pro encryption if, as a business, they did not have any interest in providing it?  IAC, he is in a great position to continue to voice the need for this feature to the people that make the decisions.

 

So, I think there is good reason to continue to request better encryption, and to hope that Evernote will provide it, albeit that it is not likely to be provided in the near term.

Link to post
  • 0

I'm wondering what more one might want from a security model than trust no one encryption with a multitude of multi factor login options.

And to add in LP enterprise, the usage logging across the enterprise is great, and much more useful to me than a personal decentralized model like keypass or 1password.

 

From my perspective, LastPass represents a massive target, and they've had enough near/partial breach scenarios that I wasn't willing to trust all my data to their security. They take security very seriously, and are good about communicating to their users, but this last attack was enough motivation for me to switch to something else (that, plus the utter awfulness of their UI).

 

I'm not a security expert, but I like 1password's approach: there is no centralized server to hack. All data is encrypted locally via individual data blobs. If you use Dropbox to sync your 1password files, like I do, these encrypted blobs are on the Dropbox server, but they're not linked to Dropbox for decryption. They have a good explanation of authentication vs. encryption that sums it up nicely: authentication (what Evernote uses for cloud access) is more flexible, but encryption is safer. 1password also has really strong stand-alone apps on Android, iOS, etc.

  • Like 1
Link to post
  • 0
  • Level 5*

I'm not a security expert, but I like 1password's approach: there is no centralized server to hack. All data is encrypted locally via individual data blobs. If you use Dropbox to sync your 1password files, like I do, these encrypted blobs are on the Dropbox server, but they're not linked to Dropbox for decryption. They have a good explanation of authentication vs. encryption that sums it up nicely: authentication (what Evernote uses for cloud access) is more flexible, but encryption is safer. 1password also has really strong stand-alone apps on Android, iOS, etc.

 

 

Excellent point about 1Password.

 

Further, once I open 1Password on *any* device that I've sync'd via Dropbox, all data within 1PW is completely searchable.

I do this all the time, and it works well.

 

So, those that say encryption prevents searching, might want to rethink that statement.   ;)

 

The other great thing is that when 1PW app is closed, I can't read the data via other means.  So it is always secure on my Mac.  :)

  • Like 1
Link to post
  • 0
  • Level 5

Naw, it really isn't any different.

Presumably most people are using dropbox or icloud to sync their 1password library.

So on the one hand you have a sync service distributing a pre-encrypted blob which the sync service cannot decrypt.

And on the other you have LastPass.  Also a sync service distributing a pre-encrypted blob which the sync service cannot decrypt.

Just like in this thread, where some are asking for TNO pre-encryption for notes which the sync service cannot decrypt.

 

In all cases, even if the service was hacked, that doesn't get you into the encrypted data.

Further I would argue that the security oversight, controls, and history are better with Lastpass than icloud and dropbox.

If you were not following security news, did you hear from Dropbox when a software update allowed for about an hour, all accounts to be logged in with any password entered?  Lastpass errs on the side of caution and transparency, whereas icloud and dropbox are far more opaque. 

 

Unlike using Dropbox/icloud to sync/distribute my passwords, with Lastpass we can:

  • restrict which countries can log in
  • restrict login attempts from TOR
  • turn off email verification/bypass for unknown devices and locations
  • pick from 8 different multi-factor options (including up to 5 Yubikeys on one account). 
  • scale it up to supporting a whole enterprise
    • keeping items encrypted and access logged, but being able to share single items, folders or nested folders.
    • being able to keep enterprise and personal sites separate and usable in a single view, but separate-able with a single click. Or letting them use read-only credentials to log in without being able to view them.
    • being able to report on or create automated reminders for weak or duplicated passwords across all lastpass accounts.
    • Being able to view in a report the master password strength and multi-factor use across the enterprise to determine that no one needed to change their passwords based on a maybe that hashes but not encrypted blobs might have been lost, in the last LP notification.  Knowing there isn't enough life in the universe to have time to crack the hashes.  And that even if they did and had credentials, they still couldn't log in to download a encrypted blob.

 

Because the Lastpass service is tightly integrated with the app, there is great site by site, note by note usage/access logging for verification purposes.

Other than a strong password, do you know with reasonable certainty, that no one else has accessed data in your vault, or is not currently attempting to brute force into a copy of your vault?

 

Lastpass too can be used completely offline.  Via any of, the stored encrypted blob +plus browser plugin, mobile apps, the windows app LastPass Pocket, Portable thumbdrive instances.

There's every reason Evernote could a do a very similar model.

Link to post
  • 0

As stated before, all should be encrypted, period, and it will be at some point in time, whatever tool we are using some time from now will have EVERYTHING encrypted, ALL the time, that's one. Now the question is what and by when will provide this functionality, personally i don't think it is a matter of prioritizing requirements, rather it should be perceived as a basic need. Ask yourself why you would want to post any un-encrypted data anywhere? A hand written note is un-encrypted, and that's ok, since only those few individuals in and around the "note" can read it. Take a picture of it and post it online, in the cloud, and suddenly it's ok that anybody can read it (after user names/passwords have leaked or ....), why is that? This discussion will appear strange a while from now, when all is encrypted all the time. 

 

Agreed 100%. Evernote has the choice to be a leader in this space, or a follower once the rest of the world is on board. There's a groundswell pushing toward "https everywhere", VPN for security (I just backed an Indiegogo product called Keezel that creates dead-simple VPN for all devices via WiFi), and there have been such an unrelenting stream of massive hacks and data breaches, digital security is something even casual users are starting to think about...but even if they're not demanding better security from Evernote, there's no reason why Evernote should wait around to deliver it. Users might not think what they have in their notebooks need securing, but with the prevalence of identity theft, even casual, seemingly innocent bits of information could be used against them.

 

Evernote's seemingly casual approach to security - there isn't even a password option on the desktop client - will not help them in the long run.

  • Like 1
Link to post
  • 0

A couple of months ago I decided to give up on them and moved over to DevonThink Pro Office and rendered my use of Evernote for useless webclips I come across while searching online for stuff. I must say this movement is causing me real trouble because I have information spread in two platforms and I guess I will little by little move away from Evernote totally, as it is quite a PITA my current setup..After so many years of being an Evernote advocate and supporting Evernote as a Premium User since 2009 (or 2008 I can't remember), my next step will be to downgrade my account. Too bad I did not remember to stop the automatic renewal I set back then with my paypal account.

 

Give Pocket a try. It's a great cross-platform tool for web reading - I used to use Evernote for that purpose, but ultimately found it pretty clunky. Pocket is really focused and fast at what it does.

 

I too am seeing less value from Evernote and may let my account downgrade - I simply don't get the value from it that I used to as I've moved more of my data to 1password. And I used to be a HARDCORE Evernote evangelist!  :(

Link to post
  • 0
  • Level 5*

i think the searchability thing is probably a red herring. other apps manage to achieve full zero-knowledge encryption and still have the contents searchable.

i also think the "i don't need encryption" sentiment is probably not so widespread. it peobably ought to be restated as "i don't need encryption that gets in my way." if the encryption was seemless, as it is with other apps, who wouldn't appreciate more security?

0% of my notes in evernote ever were encrypted, because it has always been cumbersome, and for many years it was ineffective. local notebooks are wonderful, as long as they don't get uploaded to evernote servers (this has happened in the past) and you don't use multiple devices. 100% of my stuff is encrypted in other apps, because it happens in the background, and i don't even notice it.

if evernote had the will, i am sure there is a way. it is (as i always say), their choice. but, a choice it is, not technical difficulties (as far as i can tell).

  • Like 1
Link to post
  • 0
  • Level 5

<snip> other apps manage to achieve full zero-knowledge encryption and still have the contents searchable. <snip>

 

 

Is there a Windows program that has zero-knowledge (trust no one) encryption and is searchable?

Link to post
  • 0
  • Level 5*

<snip> other apps manage to achieve full zero-knowledge encryption and still have the contents searchable. <snip>

 

Is there a Windows program that has zero-knowledge (trust no one) encryption and is searchable?

onenote? i don't know about searching (sorry, i don't use it). my problem is syncing with other devices, and when it comes to that, there are only a couple of osx / ios things out there. if you only use one device, get a surface, use evernote local notebooks, and you are all set.

Link to post
  • 0
  • Level 5

No, not OneNote.

 

See: https://spekxvision.wordpress.com/2015/04/14/still-no-secure-cloud-sync-for-onenote/

 

"OneNote 2013 does offer strong encryption, and in fact this is TNO. You can enter a password for a section in any of the Windows/iphone/iPad apps, and the section will be encrypted on the client side. The downside, and it is a big downside, is that you have to do this for each section individually.. not notebook, or section group, but each section. If you have tens or hundreds of sections in your notebook, as I do, that means typing the password for each one when you want to open it!

It also means that you can’t search or index that section while it’s locked – it’s only when you open it, that it can be read. This is equivalent to encrypting each file on disk (since OneNote does indeed use a file for each section).

So – I tried this for a while, and immediately found it a pain to use.. I have a section for each client, product, project, and doing a ‘search all’ would take ten minutes just to temporarily unlock each one. Ideally, they would allow a password to be bulk-applied to multiple sections, so you can unlock the lot in a single action, but they don’t."

 

What ever OneNote does or doesn't do with encryption isn't greatly different than Evernote does in more Apples to Apples comparisons.

Meaning that you aren't just dumping a OneNote file in OneDrive/Skydrive or running it locally.

But actually putting it on Sharepoint Online for collaboration, browser access, sync to ipad, etc.

Encryption is either unavailable or no different than Evernote's.

  • Like 1
Link to post
  • 0

i think the searchability thing is probably a red herring. other apps manage to achieve full zero-knowledge encryption and still have the contents searchable.

i also think the "i don't need encryption" sentiment is probably not so widespread. it peobably ought to be restated as "i don't need encryption that gets in my way." if the encryption was seemless, as it is with other apps, who wouldn't appreciate more security?

0% of my notes in evernote ever were encrypted, because it has always been cumbersome, and for many years it was ineffective. local notebooks are wonderful, as long as they don't get uploaded to evernote servers (this has happened in the past) and you don't use multiple devices. 100% of my stuff is encrypted in other apps, because it happens in the background, and i don't even notice it.

if evernote had the will, i am sure there is a way. it is (as i always say), their choice. but, a choice it is, not technical difficulties (as far as i can tell).

I couldn't have phrased it any better!!!!
Link to post
  • 0
  • Level 5*

unfortunately, windows is kind of barren right now. it sounds like onenote isn't the answer either, though sections seem light years ahead of text (evernote).

on mac, i'd recommend devonthink, which syncs without the cloud at all. if you want to sync via dropbox, it works effortlessly, [EDIT: security issue it had with DB resolved]-- a combination of spideroak and indexing makes everything available on any platform. it works really well.

http://www.christopher-mayo.com/?p=2376

voodoopad recently revamped its backend to increase encryption security, but the app is really slow to get updates, so it is difficult to recommend. it is the only app, though, that has managed to get encryption + dropbox sync working seamlessly (when devonthink revises its security, it will be a better choice, i think). if a single independent developer managed to implement seamless encryption years ago, why can't evernote's team of dozens do it?

nvalt also has encryption, but only for text (what it is built for). it's been humming along for years, but brett is working on something new, so we might have yet another mac option soon. again, one guy managed to do what evernote's team couldn't / wouldn't.

there is still no one like evernote (on every platform) who has mastered encryption, but onenote is inching ahead (in my opinion). i doubt the onenote team (or any of the other developers) are "better" than evernote's. they just decided encryption was necessary, and evernote hasn't made that decision.

this is a great time for evernote to stand up and distinguish itself as the most secure notetaking / personal information manager for everyone. i wish they would.

[EDIT]: added a bit more stuff.

  • Like 3
Link to post
  • 0
  • Level 5*

there is still no one like evernote (on every platform) who has mastered encryption, but onenote is inching ahed (in my opinion). this is a great time for evernote to stand up and distinguish itself as the most secure notetaking / personal information manager for everyone. i wish they would.

 

Roger that!   :D

  • Like 1
Link to post
  • 0
  • Level 5
That is sort of what I expected. As I suggested on my earlier post, Evernote is concentrating on the larger marketplace.

 

"There are some people who would like ultra high-level encryption to cover 100% of their entire Evernote database, but it appears that Evernote believes there is a much bigger market comprised of general users."

 

Searchable zero-knowledge (trust no one) encryption is a wonderful concept (that has been requested for several years), but for a program supporting multiple O/S, including Windows, it's as scarce as hen's teeth. 

 

So until something shows up and proves itself in the future, I will stick with my notebook and use a variety of programs, as well as Evernote with note encryption. Thank you for the suggestions.

  • Like 1
Link to post
  • 0
  • Level 5

Oh... and about the OneNote "TNO" encryption...

Maybe not so much (other than perhaps you bought a retail copy that you use in your own home):

 

https://technet.microsoft.com/en-us/library/cc179125.aspx

  • If you do allow users to password protect documents, and they later forget or lose the password, you can use the DocRecrypt tool to reset or remove the password. For more information, see the Remove or reset file passwords in Office 2013 article.

  • And the selection of encryption methods can be controlled through group policy.  AES and 3DES shouldn't be assumed.  They can be configured to be any of:

    • AES, DES, DESX, 3DES, 3DES_112, and RC2

  • https://technet.microsoft.com/en-us/library/jj923033.aspx

    • Previously, if the original creator of a file password either forgot the password or left the organization, the file was rendered unrecoverable. By using Office 2013 and an escrow key, which is generated from your company or organization’s private key certificate store, an IT admin can “unlock” the file for a user and then either leave the file without password protection, or assign a new password to the file. You, the IT admin, are the keeper of the escrow key which is generated from your company or organization’s private key certificate store. You can silently push the public key information to client computers one time through a registry key setting that you can manually create or you can create it through a Group Policy script. When a user later creates a password-protected Office 2013 Word, Excel, or PowerPoint file, this public key is included in the file header. Later, an IT pro can use the Office DocRecrypt tool to remove the password that is attached to the file, and then, optionally, protect the file by using a new password.

And you have to wonder that there wouldn't be an escrow key on Sharepoint Online hosted content.

  • Like 1
Link to post
  • 0
  • Level 5*

Oh... and about the OneNote "TNO" encryption...

Maybe not so much (other than perhaps you bought a retail copy that you use in your own home):

 

https://technet.microsoft.com/en-us/library/cc179125.aspx

  • If you do allow users to password protect documents, and they later forget or lose the password, you can use the DocRecrypt tool to reset or remove the password. For more information, see the Remove or reset file passwords in Office 2013 article.

  • And the selection of encryption methods can be controlled through group policy.  AES and 3DES shouldn't be assumed.  They can be configured to be any of:

    • AES, DES, DESX, 3DES, 3DES_112, and RC2

  • https://technet.microsoft.com/en-us/library/jj923033.aspx

    • Previously, if the original creator of a file password either forgot the password or left the organization, the file was rendered unrecoverable. By using Office 2013 and an escrow key, which is generated from your company or organization’s private key certificate store, an IT admin can “unlock” the file for a user and then either leave the file without password protection, or assign a new password to the file. You, the IT admin, are the keeper of the escrow key which is generated from your company or organization’s private key certificate store. You can silently push the public key information to client computers one time through a registry key setting that you can manually create or you can create it through a Group Policy script. When a user later creates a password-protected Office 2013 Word, Excel, or PowerPoint file, this public key is included in the file header. Later, an IT pro can use the Office DocRecrypt tool to remove the password that is attached to the file, and then, optionally, protect the file by using a new password.

And you have to wonder that there wouldn't be an escrow key on Sharepoint Online hosted content.

 

 

this is for a corporate environment in which the corporation is given control over the function of the keys (quite a bit of control, in fact, with lots of options). this sounds like a good thing, especially for a company who wants to use encryption widely.

 

for individual users, my understanding is that you can encrypt with zero-knowledge encryption -- only you have the key. 

Link to post
  • 0

i think the searchability thing is probably a red herring. other apps manage to achieve full zero-knowledge encryption and still have the contents searchable.

i also think the "i don't need encryption" sentiment is probably not so widespread. it peobably ought to be restated as "i don't need encryption that gets in my way." if the encryption was seemless, as it is with other apps, who wouldn't appreciate more security?

0% of my notes in evernote ever were encrypted, because it has always been cumbersome, and for many years it was ineffective. local notebooks are wonderful, as long as they don't get uploaded to evernote servers (this has happened in the past) and you don't use multiple devices. 100% of my stuff is encrypted in other apps, because it happens in the background, and i don't even notice it.

if evernote had the will, i am sure there is a way. it is (as i always say), their choice. but, a choice it is, not technical difficulties (as far as i can tell).

 

Totally agree with the red herring statement, it's distracting.

 

Wrt privacy, see "why privacy matters", i also think we're reasoning upside down here, basic principle needs to be, all encrypted, default. 

 

We need to move from postcard thinking, where everyone can read, to correspondence in an envelope, not able (not allowed) to be read by all, along the way. 

 

 

A couple of months ago I decided to give up on them and moved over to DevonThink Pro Office and rendered my use of Evernote for useless webclips I come across while searching online for stuff. I must say this movement is causing me real trouble because I have information spread in two platforms and I guess I will little by little move away from Evernote totally, as it is quite a PITA my current setup..After so many years of being an Evernote advocate and supporting Evernote as a Premium User since 2009 (or 2008 I can't remember), my next step will be to downgrade my account. Too bad I did not remember to stop the automatic renewal I set back then with my paypal account.

 

Give Pocket a try. It's a great cross-platform tool for web reading - I used to use Evernote for that purpose, but ultimately found it pretty clunky. Pocket is really focused and fast at what it does.

 

I too am seeing less value from Evernote and may let my account downgrade - I simply don't get the value from it that I used to as I've moved more of my data to 1password. And I used to be a HARDCORE Evernote evangelist!  :(

 

 

Thanks for the very useful suggestions. 

Link to post
  • 0

+1 for the password protect notes.

Can it really be so difficult guys?

 

And before gazumped chimes in with with password protecting shopping lists I'd like to point out that my shopping list & memoirs would be happily open to all snoopers. Knock yourself out.

However, for the vast majority of users who have a sensitive note here and there a password protected option would be extremely useful.

 

If Evernote touts itself as a "take anywhere" tool then it has to understand a stolen mobile phone or tablet is quite a common occurrence and providing an extra layer of protection on top of the device's own is very desirable.

Hell, make it a paid only option if you like, but please make it. 

  • Like 1
Link to post
  • 0
  • Level 5*

Not gonna comment on shopping lists ;) but yes,  it can be "so difficult".  Basic problem being - do you want to search your secured notes?  Still want OCR on the server for documents and pictures?  Still want access to notes in (at least) six different primary operating systems? There's no software out there (that I'm aware of) can search an encrypted database,  and if your search index is to be used from any device with any OS you need (at least) six different software developments going for an app that can use the same encryption protocols no matter which OS they're running in.

 

There's encryption which does run in different OS's,  but that's a lock-it-and-forget approach which doesn't allow for search and OCR along the way..

 

So it'll cost hundreds of thousands or some millions to code,  and you're willing to buy it;  that makes about 10 possible customers so far...

  • Like 2
Link to post
  • 0

andy,

yeah there are lots of programmers that have managed to allow encrypted notes and such in their apps, Lastpass etc. but obviously we are evernote users and dont want to use multiple apps depending on what kind of notes we have. 

 

gazumped seems to really have a problem with the idea of passworded notes; he keeps wracking his brain to come up with reasons it would be a bad idea. this time he shifted the discussion to "how do you search inside of encrypted notes, thats impossible, millions of dollars would be needed, willing to buy it yourself?". 
*facepalm*
i appreciate the snideness, but no we aren't asking to search inside password protected notes (no one even brought that up). we just want to be able to be able to password protect them, its actually a pretty simple concept. I'm sure it would take some effort on Evernotes part to figure it out, but it does seem like a pretty important function and I think they will implement it at some point, but it appears it's not a priority for them atm. 

  • Like 1
Link to post
  • 0

 , but it appears it's not a priority for them

Regardless of your opinion on Gaz's replies, right there is your answer. It's Evernote's product and if they choose to not implement any stronger/better encryption, it's certainly their choice, If it's a deal breaker for anyone, then it's the user's choice to use an app that better suits their needs.

  • Like 1
Link to post
  • 0

What a lot of rubbish.  I just joined this forum having activated evernote, and finding it suits my needs pretty well.   The only thing I couldn't find was how to password protect a notebook.  I can't believe how many threads there are on this topic and yet the developers ignore the issue.  Utter rubbish.   Why do you people bother asking the powers that be for it when you've been ignored for over 3 years?.  All you people protesting have got too much time on your hands. I'm not wasting my time,  I'm cancelling my registration and going over to OneNote.  Total forum membership period = 10 minutes.   Time wasted on this = 15 minutes including registration, plus the time it will take to delete evernote from all my devices.    Rubbish.   

  • Like 1
Link to post
  • 0

+1

 

If no password protection, then there should be a method to exclude certain results from search as minimum privacy. Best solution so far is to use OS X's autocomplete feature so that a phrase types out as "-tag:private", and do this every time. Why can't we just exclude a notebook from search, either permanently or with -notebook: syntax?

Link to post
  • 0

What a lot of rubbish.  I just joined this forum having activated evernote, and finding it suits my needs pretty well.   The only thing I couldn't find was how to password protect a notebook.  I can't believe how many threads there are on this topic and yet the developers ignore the issue.  Utter rubbish.   Why do you people bother asking the powers that be for it when you've been ignored for over 3 years?.  All you people protesting have got too much time on your hands. I'm not wasting my time,  I'm cancelling my registration and going over to OneNote.  Total forum membership period = 10 minutes.   Time wasted on this = 15 minutes including registration, plus the time it will take to delete evernote from all my devices.    Rubbish.   

 

The controversy of your opinion is in your second sentence. You just joined Evernote, and it did not suit your needs in terms of security - no time wasted, - move to another solution. That's cool, and another good customer decision argument for Evernote to prioritize encryption.

 

Most of the people discussing this particular topic are with Evernote from the beginning, they have more than 2000 notes and when information security things heated up, followed by data leak in Evernote, and then in some other major companies, we all understood the importance of protecting our data. Now it is easy to jump from 0 notes in Evernote to zero notes in OneNote, in fact, it is exactly 10 minutes. However, it is really difficult to move from 2k notes from one product to another. I am now testing OneNote and even after only 2 years of Evernote, it is very complicated for me to get used to different workflows. My point is that all those guys protesting in reality don't have much time and this is why they put pressure on Evernote - for now, the cost of moving to another system is higher than the cost of using workarounds for data protection or not to store private data at all.

 

Moreover, this topic was and is a source of inspiration for some third-party products, so it is definitely not rubbish.

  • Like 2
Link to post
  • 0

Like several others, I would like at a minimum, a notebook password option. There are private things that need that level of protection. I have my computer protected, but as some have noted, we may have some things like journals or medical notes that we want absolute privacy on. I have been using Evernote premium for a few years, but am considering finding something else. 

  • Like 1
Link to post
  • 0

Much has been said here. I just wanted to cast my vote for password protected notebooks. 

Encrypting text is ok, however the text which is so valuable that you would encrypt it...can be deleted without decrypting it. That user flow doesn't make sense to me. It's a great first step.

I would love to lock a note and/or a notebook.

As many have mentioned, the need for feature keeps me using other software while still loving my Evernote.

Thanks

  • Like 1
Link to post
  • 0
  • Level 5*

OK - I got the message - you'd like encryption done at the notebook level and I'm sure the people at EN have noted it.

I don't understand why this prevents you from using Evernote. 

Yes, it means you have to work around this, probably encrypting the data before you import it, or using local notebooks.

Does this really make it impossible to use Evernote?

Has anyone tried out the app Saferoom?  It seems to be the best solution I can find.

  • Like 1
Link to post
  • 0
  • Level 5*
On August 18, 2015 at 5:35 AM, bambooparadox said:

+1 for password protected notebooks

+1 for password protected notes

+1 for password protected text including embedded pictures (jpg-screenshots)

So, it's not sufficient to have a password on the device, and a password on Evernote, you want Evernote to implement 3 other levels of password.

If I was this concerned about a note, I would have it encrypted.

If I was this concerned about notebooks during a presentation, I would be using a special presentation account.

Link to post
  • 0
  • Level 5*
On November 8, 2015 at 4:37 PM, nddean said:

I am astonished my premium account still doesn't let me have my macbook app protected with some basic password. I don't know if I will continue to pay the premium if I can't have security across devices.

The Evernote app on my Mac has sign in/off with password

Link to post
  • 0
16 minutes ago, DTLow said:

The Evernote app on my Mac has sign in/off with password

This option is helpful, but not convenient enough. Sign in/off for data protection requires that you should be paranoid about it - you need constantly to remember log off every time. 

I don't store in Evernote government secrets, I don't need serious encryption and I don't want really thinking about it all the time. What I need is convenient option to protect my medical and financial notebooks from the eyes of my friends and coworkers without losing easiness of access to other notebooks. 

Edited by Siberian
Link to post
  • 0
  • Level 5*
16 minutes ago, EasyTiger said:

Have moved to OneNote also, far better.

It just depends on what you want.  Neither Evernote nor OneNote will fit everyone's needs.
Even though there are parts of the UI I don't like, and some features I'd really like to have, IMO, Evernote is far better than OneNote, especially in:

  • Cross platform syncing
  • Web clipping
  • Searching
  • Tagging
Link to post
  • 0
  • Level 5*
24 minutes ago, dancer said:

After all this time one would think the company would respond to all these users, but no response. :angry:

I thought the inferred response was: No, not at this time ?

I'm sure they've taken note of the suggestion, and all the +1s and voting.

Its so nice of you OneNoters to participate in the Evernote forums.
Do you see much Evernote posts in the OneNote forums.

Link to post
  • 0

100% agree here.  Really want this feature.  I use Evernote at work and don't want my search results from OKCupid showing up onscreen when searching for something on Google with a colleague.  So I disable the help on the web.  But I store technical notes and personal notes with Evernote and the twain should not mix.  Could get two Evernote accounts, but I have Premium and want Premium features all the time.  So what should I do?   

Link to post
  • 0
  • Level 5*
On 1/30/2016 at 10:30 AM, wealthychef said:

But I store technical notes and personal notes with Evernote and the twain should not mix.  Could get two Evernote accounts, but I have Premium and want Premium features all the time.  So what should I do?

I know this is not the answer you'd like to see, but I don't see any alternatives to separate Evernote accounts if you want to ensure your personal notes don't ever show up in your work Evernote and/or work google searches.

Link to post
  • 0

Yes, it's strange that something along these lines is not implemented.  Even just a password to open the app on a computer would be welcome.  I do currently use the pin on the Android app.  What is also strange is the responses on these forums suggesting that maybe this isn't the app for me if I'm looking for this kind of thing.  

The only reason that I am an Evernote user is because of the combination of these 2 features:

A_)  Automatic searchable "ocr" of images and pdfs.  This is huge.  Until Onenote I am not aware of any similar software that can do this effectively.  I want need this ability to take pictures of documents and other things and find them later without creating tags or notes at the time I took the photo or scanned the document.  

B_)  The cross platform sync that allows me to use a desktop app on OSX and an Android mobile.  

I've found most of Evernote to be quite pleasant.  I don't often have trouble with syncing, the web clipper is indeed pretty nice and the overall flow of it is smooth.  

I'm just starting to play with Onenote but it doesn't look promising.  The Android app is too limited.  I'm also concerned about being tied to Microsoft.  I spent considerable time searching for an open source option that I could host myself but couldn't find anything suitable.  I honestly don't feel that I have other options.  

It's a shame that Evernote hasn't found it's way yet.  And I'm troubled that once they do find their way, they will leave behind many great ideas that someone should be able to continue using.  

Link to post
  • 0
  • Level 5*
20 minutes ago, Chmedly said:

Even just a password to open the app on a computer would be welcome

If you sign out of Evernote before you quit/exit, it will require a sign in the next time you open Evernote.
Note that you must have an Internet connection and connect to the EN Cloud to sign in.

Link to post
  • 0
  • Level 5*

i understand the use case, but passwords seem kind of meaningless to me when everything is still searchable (mac) and unencrypted so that anyone with basic computer literacy can rifle through your stuff. 

the problem on a computer has a simple, elegant, and considerably more secure solution: a guest user account. a single click and you can hand your computer over to someone without any worries about them indg your data (assuming a friend or relative sitting next to you -- a hacker would make mincemeat of this).

when you step away from your computer, just turn on the password-protected screen saver (a swipe on the mac using hot corners). problem solved, right?

  • Like 1
Link to post
  • 0

It seems to me th is whole debate on password protected notes (lots of users requesting it, and Evernote team steadily turning it down for years) is the result of a misunderstanding. 

Basically the users are saying that password protected notes would add a little privacy in case their wife, husband or children click on the Evernote link in the family computer browser

Evernote people are saying that:

- this would give a false sense of security and that it's better to properly encrypt the secret part of the notes within or outside Evernote.

- that it would make searching into these notes impossible etc.

Well we're mixing up security and privacy+ease of use here: Users aren't even asking for the password Encrypted notes, they're asking for password Protected notes: if you have the password/pin code you can see the note, if you don't well, you can't. 

Users are ready to accept that this is not a top-notch security feature, it doesn't need to show on your (impressive) security overview page. Classify it as an ease of use feature if you will. As long as people don't log off their account when they're they're fully responsible of what happens with it when they're not around. However this feature will give them some peace of mind and possibility to do some damage control in case they eventually forget to log off some time.

Regards. 

 

  • Like 2
Link to post
  • 0

+1  I really want this feature.   It is simply not enough to provide a screen saver password.   I have kids that access my computer for various things.  Mostly school stuff , Netflix and youtube.      And that god forsaken Mine Craft.

I have notes that pertain to business, diaries and some notes that are adult in nature.   I don't want kids that have access to my computer to also have access to my evernote.   I would really love to have a password per notebook so that I can let kids use the evernote but not access the diary and other personal data.

 

Please add this feature!   Nothing complex.  Just something that I can put a simple lock code on.    The IPhone App allows a 4 digit code. . .  That would be awesome on my Mac.

 

Link to post
  • 0

Just adding another voice to this. For me it's important  that I can get to most of my notebooks without having to use a password because I use it 'on the hoof' to record all kinds of stuff and don't want to be slowed down tapping in a password on an iPhone etc.

However I would like some notebooks for sensitive information that are password protected. I'm not worried about the CIA or any such concerns that need encryption, I just don't want other people using my computer to be able to see some stuff. 

As it is I use the  'Day One' app which is perfect for the security that I require but the text formatting is too limited and I'd ideally use evernote if I could

Link to post
  • 0
  • Level 5*
3 hours ago, MyCall said:

I just don't want other people using my computer to be able to see some stuff. 

As mentioned above, you can sign out of Evernote.  Its what I would do if I shared my computer with other people.

Also, you might want to add your vote for this feature; left corner at the top of the page - the vote is now 12

Link to post
  • 0

 

7 minutes ago, DTLow said:

As mentioned above, you can sign out of Evernote.  Its what I would do if I shared my computer with other people.

Also, you might want to add your vote for this feature; left corner at the top of the page - the vote is now 12

Yes I understood that and likewise I can password protect my entire account on the computer but as I stated I want instant access to most of my evernotebooks and only want to password protect some of them. Thanks for suggesting I vote which I have now done

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...